Vulnerabilities > CVE-2014-8327 - Information Disclosure vulnerability in FAL Sftp Project FAL Sftp 0.2.4

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
fal-sftp-project
NVD
Published: 2014-10-27
Updated: 2017-09-08

Summary

The fal_sftp extension before 0.2.6 for TYPO3 uses weak permissions for sFTP driver files and folders, which allows remote authenticated users to obtain sensitive information via unspecified vectors.

Vulnerable Configurations

Part Description Count
Application
Fal_Sftp_Project
2

References