In the end of November, a vulnerability has been discovered in dCache service, which may in some circumstances allow an unauthenticated person to change file ownership, view and delete arbitrary files.
The vulnerability has been fixed in dCache versions 6.2.10, 6.1.18, 6.0.29 and 5.2.35.
See the full advisory sent to EGI sites by EGI SVG: https://wiki.egi.eu/wiki/SVG:Advisory-SVG-2020-16939
Recent Comments