← volver
CVE-2020-8030

skuba: Insecure /tmp usage when joining node to cluster

CVSS 3.6 LOWEPSS 0.2%CWE-377
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
Productos afectados
SUSE · SUSE CaaS Platform 4.5

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://bugzilla.suse.com/show_bug.cgi?id=1177361