IIS FTP servers may allow a remote attacker to read or delete files on the server, even if they have "No Access" permissions.
CVSS Metrics
