CVE-2014-8327

2014-10-2715:00:00

mitre

www.cve.org

5.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

46.4%

JSON

The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions for sFTP driver files and folders, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

References

typo3.org/extensions/repository/view/fal_sftp

typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-014/

exchange.xforce.ibmcloud.com/vulnerabilities/97668