VULHUB ™

Enomaly ECP (Elastic Computing Platform) creates temporary files in an insecure manner. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible. Versions prior to ECP 2.1.1[6] are vulnerable.

Enomaly ECP (Elastic Computing Platform) creates temporary files in an insecure manner. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. Successfully mounting a symlink attack may allow the attacker to delete or corrupt sensitive files, which may result in a denial of service. Other attacks may also be possible. Versions prior to ECP 2.1.1[6] are vulnerable.