Vulnerabilities > CVE-2020-8026 - Unspecified vulnerability in Opensuse Backports Sle, Leap and Tumbleweed
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 2 | |
Application | 3 |
References
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00063.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00063.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00064.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00064.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00074.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00074.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00038.html
- http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00038.html
- https://bugzilla.suse.com/show_bug.cgi?id=1172573
- https://bugzilla.suse.com/show_bug.cgi?id=1172573