Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-03-24	CVE-2019-4001	Incorrect Default Permissions vulnerability in Druva Insync 6.5.0 Improper input validation in Druva inSync Client 6.5.0 allows a local, authenticated attacker to execute arbitrary NodeJS code. local low complexity druva CWE-276	4.6

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.