Weak Permissions in Alertus Desktop Notification on OS X Allows Local Users to Suppress Emergency Notifications

Weak Permissions in Alertus Desktop Notification on OS X Allows Local Users to Suppress Emergency Notifications

CVE-2016-5087 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:P

Alertus Desktop Notification before 2.9.31.1710 on OS X uses weak permissions for configuration files and unspecified other files, which allows local users to suppress emergency notifications or change content via standard filesystem operations.

Learn more about our Cis Benchmark Audit For Desktop Software.