CVE-2018-16494
HIGHVersa Operating System < 16.1r2s11 - Insecure File Permissions via Umask Setting
Title source: llmDescription
In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. Insecure umask setting was present throughout the Versa servers.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://hackerone.com/reports/1168191
Scores
CVSS v3
8.8
EPSS
0.0192
EPSS Percentile
77.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-377
CWE-668
Status
published
Products (1)
versa-networks/versa_operating_system
< 16.1r2s11
Published
May 26, 2021
Tracked Since
Feb 18, 2026