CVE-2015-3201

Published: Jun 8, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

Thermostat before 2.0.0 uses world-readable permissions for the web.xml configuration file, which allows local users to obtain user credentials by reading the file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

FEDORA-2015-8867

vendor-advisory

x_refsource_FEDORA

http://icedtea.classpath.org/hg/thermostat/rev/c2f18f81f57a

x_refsource_CONFIRM

http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=2372

x_refsource_CONFIRM

RHSA-2015:1052

vendor-advisory

x_refsource_REDHAT

75066

vdb-entry

x_refsource_BID

FEDORA-2015-8919

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-3201

Description

Affected Products

References