---

CVE-2017-9868 - log back

CVE-2017-9868 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Local
Type	+ Information disclosure
Description	+ In Mosquitto through 1.4.12, mosquitto.db (aka the persistence file) is world readable, which allows local users to obtain sensitive MQTT topic information.
References	+ https://mosquitto.org/2017/06/security-advisory-cve-2017-9868/ + https://github.com/eclipse/mosquitto/issues/468 + https://github.com/eclipse/mosquitto/commit/09cb1b61c8f48284d9c42bd911faa7525cc689c7
Notes