Insecure Permissions in Network Associates ePolicy Orchestrator Agent 3.5.0 (Patch 3) Web Server
CVE-2005-2554 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
The web server for Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) uses insecure permissions for the "Common Framework\Db" folder, which allows local users to read arbitrary files by creating a subfolder in the EPO agent web root directory.
Learn more about our Web App Pen Testing.