PT-2020-3499 · Open-iSCSI

Published 2020-06-19 · Updated 2022-05-24 · CVE-2020-14019

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Open-iSCSI rtslib-fb versions 2.1.72 and earlier

Description: The /etc/target/saveconfig.json file is left with weak permissions because rtslib-fb copies it with shutil.copyfile instead of shutil.copy; shutil.copyfile copies only the file contents, so the restrictive permissions of the source file are not preserved on the copy. This could potentially allow an attacker to execute arbitrary code by sending specially crafted data to the application.

Recommendations: For Open-iSCSI rtslib-fb versions 2.1.72 and earlier, update to a version where the issue is fixed, or, as a temporary workaround, manually correct the permissions of /etc/target/saveconfig.json to prevent exploitation. Additionally, restrict access to /etc/target/saveconfig.json to minimize the risk of exploitation.
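As an added illustration of the mechanism in the description (this is example code, not code from the rtslib-fb project), the following Python snippet copies a file with mode 0600 once with shutil.copyfile and once with shutil.copy, reports the resulting modes, and applies the group/world-readable check a defender would run against /etc/target/saveconfig.json and its backups. The file names, the JSON content and the umask of 022 are constructed for the demonstration.

```python
import os
import shutil
import stat
import tempfile

# Constructed demonstration of the copyfile/copy difference behind CVE-2020-14019.
# The file names, the JSON content and the umask are assumptions for the example;
# only the /etc/target/saveconfig.json path is from the advisory.
PRIVATE_MODE = 0o600          # owner read/write only, what a saved config should keep


def mode_of(path):
    """Return just the permission bits of a path as an int (e.g. 0o644)."""
    return stat.S_IMODE(os.stat(path).st_mode)


def is_exposed(path):
    """True if group or others can read the file: the weakness class of this advisory."""
    return bool(mode_of(path) & (stat.S_IRGRP | stat.S_IROTH))


def compare_copy_modes(umask=0o022):
    """Copy a 0600 file both ways and report the resulting modes.

    shutil.copyfile only copies the file contents: a new destination is created
    through a normal open(), so its mode is 0o666 masked by the umask (0o644 here),
    regardless of how restrictive the source was.
    shutil.copy copies contents and the permission bits, so 0o600 is preserved.
    """
    old_umask = os.umask(umask)   # fix the umask so the result is deterministic
    try:
        with tempfile.TemporaryDirectory() as tmp:
            src = os.path.join(tmp, "saveconfig.json")  # stands in for /etc/target/saveconfig.json
            with open(src, "w") as f:
                f.write('{"storage_objects": [], "targets": []}\n')  # constructed content
            os.chmod(src, PRIVATE_MODE)

            via_copyfile = os.path.join(tmp, "backup.copyfile.json")
            via_copy = os.path.join(tmp, "backup.copy.json")
            shutil.copyfile(src, via_copyfile)   # the flawed call: contents only
            shutil.copy(src, via_copy)           # the corrected call: contents + mode bits

            return {
                "copyfile_mode": mode_of(via_copyfile),
                "copyfile_exposed": is_exposed(via_copyfile),
                "copy_mode": mode_of(via_copy),
                "copy_exposed": is_exposed(via_copy),
            }
    finally:
        os.umask(old_umask)


if __name__ == "__main__":
    result = compare_copy_modes()
    print("copyfile -> %04o (exposed=%s)" % (result["copyfile_mode"], result["copyfile_exposed"]))
    print("copy     -> %04o (exposed=%s)" % (result["copy_mode"], result["copy_exposed"]))
```

The same is_exposed() check, pointed at the real /etc/target/saveconfig.json, is a quick way to confirm that the workaround in the recommendations has been applied.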

Fix

Weakness Enumeration

Incorrect Default Permissions

Related Identifiers

AZL-44778
BDU:2020-03828
CESA-2020_5435
CVE-2020-14019
GHSA-CPCW-P965-WPQX
MGASA-2020-0336
OPENSUSE-SU-2020:1156-1
OPENSUSE-SU-2024:11270-1
PYSEC-2020-250
RHSA-2020:5435
SUSE-SU-2020:2109-1

Affected Products

CentOS
Open-iSCSI
Red Hat
SUSE