PT-2021-12708 · Opensuse · Cyrus-Sasl

Johannes Segitz

Published

2021-02-25

Updated

2024-06-15

CVE-2020-8032

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: openSUSE Factory cyrus-sasl versions 2.1.27-4.2 and prior versions.

Description: A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root.

Recommendations: For openSUSE Factory cyrus-sasl versions 2.1.27-4.2 and prior versions, update to a version later than 2.1.27-4.2 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-377

Related Identifiers

AZL-6370

CVE-2020-8032

OPENSUSE-SU-2024:10709-1

Affected Products

Cyrus-Sasl

PT-2021-12708 · Opensuse · Cyrus-Sasl

CVE-2020-8032

Weakness Enumeration

Related Identifiers

Affected Products

References · 11