CVE-2020-8027

🗓️ 11 Feb 2021 16:10:14Reported by suseType

Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain acces

Reporter	Title	Published	Views	Family All 22
Circl	CVE-2020-8027	11 Feb 202118:42	–	circl
Cvelist	CVE-2020-8027 openldap uses fixed paths in /tmp	11 Feb 202116:10	–	cvelist
EUVD	EUVD-2020-28939	7 Oct 202500:30	–	euvd
NVD	CVE-2020-8027	11 Feb 202116:15	–	nvd
Tenable Nessus	openSUSE Security Update : openldap2 (openSUSE-2020-1534)	5 Oct 202000:00	–	nessus
Tenable Nessus	openSUSE Security Update : openldap2 (openSUSE-2020-1539)	30 Sep 202000:00	–	nessus
Tenable Nessus	SUSE SLED15 / SLES15 Security Update : openldap2 (SUSE-SU-2020:2712-1)	9 Dec 202000:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : openldap2 (SUSE-SU-2020:2712-2)	9 Dec 202000:00	–	nessus
OPENSUSE Linux	Security update for openldap2 (moderate)	26 Sep 202000:00	–	opensuse
OPENSUSE Linux	Security update for openldap2 (moderate)	26 Sep 202000:00	–	opensuse

NVD

Node

opensuse openldap2Range<2.4.46-9.37.1

AND

suse linux_enterprise_serverMatch15ltss

Node

opensuse openldap2Range<2.4.46-9.37.1

AND

suse linux_enterprise_serverMatch15sap

Node

opensuse openldap2Range<2.4.46-lp151.10.18.1

AND

opensuse leapMatch15.1

Node

opensuse openldap2Range<2.4.46-lp152.14.9.1

AND

opensuse leapMatch15.2

[
  {
    "product": "SUSE Linux Enterprise Server 15-LTSS",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "2.4.46-9.37.1",
        "status": "affected",
        "version": "openldap2",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "SUSE Linux Enterprise Server for SAP 15",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "2.4.46-9.37.1",
        "status": "affected",
        "version": "openldap2",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "openSUSE Leap 15.1",
    "vendor": "openSUSE",
    "versions": [
      {
        "lessThan": "2.4.46-lp151.10.18.1",
        "status": "affected",
        "version": "openldap2",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "openSUSE Leap 15.2",
    "vendor": "openSUSE",
    "versions": [
      {
        "lessThan": "2.4.46-lp152.14.9.1",
        "status": "affected",
        "version": "openldap2",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.suse.com/show_bug.cgi

21 Nov 2024 05:38Current

6.6Medium risk

Vulners AI Score6.6

CVSS 24.6

CVSS 3.16.6 - 7.3

EPSS0.00041

CWE-377