Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-8024

Опубликовано: 29 июн. 2020
Источник: nvd
CVSS3: 5.3
CVSS2: 6.8
EPSS Низкий

Описание

A Incorrect Default Permissions vulnerability in the packaging of hylafax+ of openSUSE Leap 15.2, openSUSE Leap 15.1, openSUSE Factory allows local attackers to escalate from user uucp to users calling hylafax binaries. This issue affects: openSUSE Leap 15.2 hylafax+ versions prior to 7.0.2-lp152.2.1. openSUSE Leap 15.1 hylafax+ version 5.6.1-lp151.3.7 and prior versions. openSUSE Factory hylafax+ versions prior to 7.0.2-2.1.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:opensuse:hylafax\+:*:*:*:*:*:*:*:*
Версия до 7.0.2-lp152.2.1 (исключая)
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:a:opensuse:hylafax\+:*:*:*:*:*:*:*:*
Версия до 5.6.1-lp151.3.7 (исключая)
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:a:opensuse:hylafax\+:*:*:*:*:*:*:*:*
Версия до 7.0.2-2.1 (исключая)
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

EPSS

Процентиль: 37%
0.00155
Низкий

5.3 Medium

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-276
CWE-276

Связанные уязвимости

ubuntu логотип

CVE-2020-8024

CVSS3: 5.3
ubuntu
больше 5 лет назад

A Incorrect Default Permissions vulnerability in the packaging of hylafax+ of openSUSE Leap 15.2, openSUSE Leap 15.1, openSUSE Factory allows local attackers to escalate from user uucp to users calling hylafax binaries. This issue affects: openSUSE Leap 15.2 hylafax+ versions prior to 7.0.2-lp152.2.1. openSUSE Leap 15.1 hylafax+ version 5.6.1-lp151.3.7 and prior versions. openSUSE Factory hylafax+ versions prior to 7.0.2-2.1.

debian логотип

CVE-2020-8024

CVSS3: 5.3
debian
больше 5 лет назад

A Incorrect Default Permissions vulnerability in the packaging of hyla ...

suse-cvrf логотип

openSUSE-SU-2020:0958-1

suse-cvrf
больше 5 лет назад

Security update for hylafax+

github логотип

GHSA-rv88-x9wr-52g7

github
больше 3 лет назад

A Incorrect Default Permissions vulnerability in the packaging of hylafax+ of openSUSE Leap 15.2, openSUSE Leap 15.1, openSUSE Factory allows local attackers to escalate from user uucp to users calling hylafax binaries. This issue affects: openSUSE Leap 15.2 hylafax+ versions prior to 7.0.2-lp152.2.1. openSUSE Leap 15.1 hylafax+ version 5.6.1-lp151.3.7 and prior versions. openSUSE Factory hylafax+ versions prior to 7.0.2-2.1.

EPSS

Процентиль: 37%
0.00155
Низкий

5.3 Medium

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-276
CWE-276