Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-27 | CVE-2017-2622 | Files or Directories Accessible to External Parties vulnerability in Redhat Openstack 10 An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable. | 5.5 |
| 2018-07-19 | CVE-2018-10869 | Files or Directories Accessible to External Parties vulnerability in Redhat Certification and Enterprise Linux redhat-certification does not properly restrict files that can be download through the /download page. | 7.5 |
| 2018-06-11 | CVE-2018-5112 | Files or Directories Accessible to External Parties vulnerability in multiple products Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. | 7.5 |
| 2018-03-23 | CVE-2017-1602 | Files or Directories Accessible to External Parties vulnerability in IBM products IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. | 4.3 |
| 2018-01-18 | CVE-2018-0106 | Files or Directories Accessible to External Parties vulnerability in Cisco Elastic Services Controller A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access sensitive information on a targeted system. | 3.3 |
| 2017-12-18 | CVE-2017-15104 | Files or Directories Accessible to External Parties vulnerability in multiple products An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. | 7.8 |
| 2017-11-09 | CVE-2017-16651 | Files or Directories Accessible to External Parties vulnerability in multiple products Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, including configuration files, as exploited in the wild in November 2017. | 7.8 |
| 2017-10-23 | CVE-2017-7079 | Files or Directories Accessible to External Parties vulnerability in Apple Itunes An issue was discovered in certain Apple products. | 5.5 |
| 2017-10-13 | CVE-2017-11829 | Files or Directories Accessible to External Parties vulnerability in Microsoft Windows 10 and Windows Server 2016 Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions. | 5.5 |
| 2017-09-30 | CVE-2017-14942 | Files or Directories Accessible to External Parties vulnerability in Intelbras WRN 150 Firmware 1.0.1 Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin:language=pt cookie. | 9.8 |