[Japanese] | |
JVNDB-2012-001932 | |
Vulnerability in Fujitsu Interstage List Works Where Permissions Cannot Be Denied | |
Overview | |
Fujitsu Interstage List Works has a vulnerability where, when Everyone or a group is granted permissions to access the archive folder and data through the management tool or command line, denying permissions for a specific user who belongs to these groups fails and is not reflected on the lists. | |
CVSS Severity (What is CVSS?) | |
CVSS V2 Severity:
Base Metrics 3.6 (Low) [IPA Score]
| |
Affected Products | |
| |
FUJITSU | |
| |
Impact | |
A user who is denied permission to access a specific data may access and delete the list. | |
Solution | |
Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action. | |
Vendor Information | |
FUJITSU | |
CWE (What is CWE?) | |
| |
CVE (What is CVE?) | |
| |
References | |
| |
Revision History | |
|
Date Public | 2012/03/26 |
Date First Published | 2012/04/11 |
Date Last Updated | 2012/04/11 |