CVE-2013-0337
published 2013-10-27CVE-2013-0337: The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.
Affected
53 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | nginx | — | — |
| f5 | nginx | <= 1.3.13 | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
| f5 | nginx | — | — |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH