CVE-2020-13867

Summary: CVE-2020-13867 affects Open-iSCSI targetcli-fb up to 2.1.52, with weak permissions for /etc/target and the backup directory/files, enabling potential access to sensitive data in those paths. The issue is documented across multiple sources and has been addressed in updated packages (e.g.,...

CVE-2020-10699

CVE-2020-10699 affects targetcli-fb in Linux: versions 2.1.50 and 2.1.51 ship a world-writable /var/run/targetclid.sock, enabling a local attacker to modify iSCSI config and escalate to root. Connected advisories confirm exploitation is local and privilege escalation is possible via the targetcli...