← voltar
CVE-2020-8030

skuba: Insecure /tmp usage when joining node to cluster

CVSS 3.6 LOWEPSS 0.2%CWE-377
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
Produtos afetados
SUSE · SUSE CaaS Platform 4.5

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://bugzilla.suse.com/show_bug.cgi?id=1177361