Unrated severityNVD Advisory· Published Jan 3, 2019· Updated Aug 5, 2024
CVE-2018-20131
CVE-2018-20131
Description
The Code42 app before 6.8.4, as used in Code42 for Enterprise, on Linux installs with overly permissive permissions on the /usr/local/crashplan/log directory. This allows a user to manipulate symbolic links to escalate privileges, or show the contents of sensitive files that a regular user would not have access to.
Affected products
2- Range: <6.8.4
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/106452mitrevdb-entryx_refsource_BID
- code42.com/r/support/CVE-2018-20131mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.