Lucene search

Ubuntu.comUB:CVE-2020-8026

HistoryAug 07, 2020 - 12:00 a.m.

CVE-2020-8026

2020-08-0700:00:00

ubuntu.com

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

A Incorrect Default Permissions vulnerability in the packaging of inn in
openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local
attackers with control of the new user to escalate their privileges to
root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26
and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior
versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior
versions.

Notes

Author	Note
seth-arnold	suse packaging

References

launchpad.net/bugs/cve/CVE-2020-8026

nvd.nist.gov/vuln/detail/CVE-2020-8026

security-tracker.debian.org/tracker/CVE-2020-8026

www.cve.org/CVERecord?id=CVE-2020-8026

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

8.4 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for UB:CVE-2020-8026