Local Privilege Escalation in Nakivo Backup & Replication Director on Linux
CVE-2020-15850
7.8HIGH
What is CVE-2020-15850?
In Nakivo Backup & Replication Director version 9.4.0.r43656 for Linux, insecure permissions permit local users to access the Nakivo Director web interface. This vulnerability exists because the database that holds user credentials and the password-recovery secret value can be read by unauthorized users, potentially granting them root access to the system.