CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-13867 – targetcli: weak permissions for /etc/target and backup files
https://notcve.org/view.php?id=CVE-2020-13867
Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files). Open-iSCSI targetcli-fb versiones hasta 2.1.52, presenta permisos débiles para /etc/target (y para el directorio de respaldo y los archivos de respaldo) An access flaw was found in targetcli, where the `/etc/target` and underneath backup directory/files were world-readable. This flaw allows a local attacker to access potentially sensitive information such as authentication credentials from the /etc/target/saveconfig.json and backup files. The highest threat from this vulnerability is to confidentiality. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00005.html https://github.com/open-iscsi/targetcli-fb/pull/172 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LANBGRCCZBPKKBD5ZMJS7C7DYAHYR6B https://security.gentoo.org/glsa/202008-22 https://access.redhat.com/security/cve/CVE-2020-13867 https://bugzilla.redhat.com/show_bug.cgi?id=1848143 • CWE-276: Incorrect Default Permissions •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-10699 – targetcli: world writable /var/run/targetclid.sock allows unprivileged user to execute commands
https://notcve.org/view.php?id=CVE-2020-10699
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root. Se detectó un fallo en Linux, en targetcli-fb versiones 2.1.50 y 2.1.51, donde el socket utilizado por targetclid era de tipo world-writable. Si un sistema habilita el socket targetclid, un atacante local puede usar este fallo para modificar la configuración de iSCSI y escalar sus privilegios a root. A flaw was found in Linux, where the socket used by targetclid was world-writable. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10699 https://github.com/open-iscsi/targetcli-fb/issues/162 https://security.gentoo.org/glsa/202008-22 https://access.redhat.com/security/cve/CVE-2020-10699 https://bugzilla.redhat.com/show_bug.cgi?id=1819219 • CWE-732: Incorrect Permission Assignment for Critical Resource •