Remote File Access Vulnerability in Apache Thrift Node.js Web Server

Remote File Access Vulnerability in Apache Thrift Node.js Web Server

CVE-2018-11798 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security vulnerability in which a remote user has the ability to access files outside the set webservers docroot path.

Learn more about our Cis Benchmark Audit For Apache Http Server.