Vulnerabilities > CVE-2020-8030 - Insecure Temporary File vulnerability in Suse Caas Platform 4.5

CVSS 3.6 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

suse

CWE-377

NVD

Published: 2021-02-11

Updated: 2021-02-19

Summary

A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.

Vulnerable Configurations

Part	Description	Count
Application	Suse Suse Caas Platform 4.5	1

Common Weakness Enumeration (CWE)

CWE-377 - Insecure Temporary File

References

https://bugzilla.suse.com/show_bug.cgi?id=1177361