{"id":"CVE-2021-44216","details":"Northern.tech CFEngine Enterprise before 3.15.5 and 3.18.x before 3.18.1 has Insecure Permissions that may allow unauthorized local users to access the Apache and Mission Portal log files.","modified":"2026-04-12T03:54:45.496639Z","published":"2022-03-10T17:44:14.353Z","related":["SUSE-SU-2023:2126-1"],"references":[{"type":"ADVISORY","url":"https://northern.tech"},{"type":"EVIDENCE","url":"https://cfengine.com/blog/2022/cve-2021-44215-and-cve-2021-44216/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cfengine/core","events":[{"introduced":"0"},{"fixed":"5fa81b4c586daa33ca0896f73b428a93cb5bccbe"},{"introduced":"b2e902351f51f30b46836494ae9cc1b38b3c6cf5"},{"fixed":"b3170ef3f81becdaa41cec32b43a1b450f626bb1"}],"database_specific":{"cpe":"cpe:2.3:a:northern.tech:cfengine:*:*:*:*:enterprise:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"3.15.5"},{"introduced":"3.18.0"},{"fixed":"3.18.1"}],"source":"CPE_FIELD"}}],"versions":["3.10.0b1-build1","3.12.0a1-build1","3.12.0b1","3.12.0b1-build1","3.12.0b1-build2","3.13.0","3.13.0-build1","3.13.0-build2","3.14.0","3.14.0-2","3.14.0-2-build1","3.14.0-build1","3.14.0-build2","3.14.0-build3","3.14.0-build4","3.15.0","3.15.0-2-build1","3.15.0-build1","3.15.0-build2","3.15.0-build3","3.15.0-build4","3.15.0-build5","3.15.0-build6","3.15.0-build7","3.15.0b1","3.15.0b1-build1","3.15.0b1-build2","3.15.0b1-build3","3.15.0b1-build4","3.15.1","3.15.1-build1","3.15.1-build2","3.15.1-build3","3.15.1-build4","3.15.1-build5","3.15.2","3.15.2-1-build1","3.15.2-1-build2","3.15.2-2","3.15.2-2-build1","3.15.2-build1","3.15.3","3.15.3-build1","3.15.3-build2","3.15.4","3.15.4-2","3.15.4-2-build1","3.15.4-2-build2","3.15.4-build1","3.15.4-build2","3.15.5-build1","3.15.5-build2","3.15.5-build3","3.15.5-build4","3.18.0","3.18.0-1-build1","3.18.0-1-build2","3.18.0-1-build3","3.18.0-2","3.18.0-2-build1","3.18.0-2-build2","3.18.0-build3","3.18.1-build1","3.18.1-build2","3.18.1-build3","3.18.1-build4","3.3.x-branchpoint","3.4.0a1","3.4.x-branchpoint","3.5.0a1","3.5.0a2","3.5.0b1","3.5.x-branchpoint","3.6.0b1","3.6.0b1-build1","3.6.0b1-build2","3.6.0b1-build3","3.6.0b1-build4","3.6.0b2","3.6.0b2-build1","3.6.0b2-build3","3.6.0b2-build4","3.6.0b2-build5","3.6.0eb1-build1","3.6.0eb1-build2","3.6.0eb2-build1","3.6.0eb2-build2","3.6.x-branchpoint","3.6rc","3.6rc-build2","3.8.0b1-build1","3.8.0b1-build2","svn-migration-point","v3.6.0a0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-44216.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}]}