Description

The File Session Manager in Beego 1.10.0 allows local users to read session files because of weak permissions for individual files.

Remediation

References

CVE-2019-16355

Related Vulnerabilities

WordPress Plugin Zedity:The Easiest Way To Create Posts & Pages Unspecified Vulnerability (5.0.2)

MySQL CVE-2016-0662 Vulnerability (CVE-2016-0662)

Ruby on Rails Resource Management Errors Vulnerability (CVE-2016-0751)

Undertow Uncontrolled Resource Consumption Vulnerability (CVE-2019-14888)

WordPress Plugin Woo Custom Checkout Field Multiple Vulnerabilities (1.3.2)

Severity

Medium

Classification

CVE-2019-16355 CWE-276 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities