Accellion Kiteworks appliances before kw2016.03.00 use setuid-root permissions for /opt/bin/cli, which allows local users to gain privileges via unspecified vectors. <a href"http://cwe.mitre.org/data/definitions/276.html">CWE-276: Incorrect Default Permissions</a>
Publication date: Sat, 27 Aug 2016 00:59:00 +0000