CyberSec.Space Logo
CVEブラウザに戻る

CVE-2020-8026

HIGH
8.4
CVSS Severity Score
EPSS Score0.1620%
EPSS Percentile41.08th
Published2020年8月7日
Last Modified2024年11月21日

Vulnerability Description

A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions.

Affected Platforms (CPE)

📦
Opensuse

Backports Sle

= 15.0
📦
Opensuse

Backports Sle

= 15.0
📦
Opensuse

Tumbleweed

<= 2.6.2-4.2
💻
Opensuse

Leap

= 15.1
💻
Opensuse

Leap

= 15.2

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00063.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00064.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00074.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00038.html
🔗 https://bugzilla.suse.com/show_bug.cgi?id=1172573
🔗 http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00063.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00064.html
🔗 http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00074.html

関連する脆弱性情報

CVE-2020-80197.7

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SU...

CVE-2021-319986.8

A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports S...

CVE-2020-696610.0

In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ver...

CVE-2020-696110.0

In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Ve...