Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-8025

Опубликовано: 07 авг. 2020
Источник: nvd
CVSS3: 6.1
CVSS3: 9.3
CVSS2: 4.6
EPSS Низкий

Описание

A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of the pcp package to unintended settings. This issue affects: SUSE Linux Enterprise Server 12-SP4 permissions versions prior to 20170707-3.24.1. SUSE Linux Enterprise Server 15-LTSS permissions versions prior to 20180125-3.27.1. SUSE Linux Enterprise Server for SAP 15 permissions versions prior to 20180125-3.27.1. openSUSE Leap 15.1 permissions versions prior to 20181116-lp151.4.24.1. openSUSE Tumbleweed permissions versions prior to 20200624.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15:*:*:*:espos:*:*:*
cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15:*:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp4:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp5:*:*:*:*:*:*

EPSS

Процентиль: 15%
0.00049
Низкий

6.1 Medium

CVSS3

9.3 Critical

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-279

Связанные уязвимости

ubuntu логотип

CVE-2020-8025

CVSS3: 6.1
ubuntu
больше 5 лет назад

A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of the pcp package to unintended settings. This issue affects: SUSE Linux Enterprise Server 12-SP4 permissions versions prior to 20170707-3.24.1. SUSE Linux Enterprise Server 15-LTSS permissions versions prior to 20180125-3.27.1. SUSE Linux Enterprise Server for SAP 15 permissions versions prior to 20180125-3.27.1. openSUSE Leap 15.1 permissions versions prior to 20181116-lp151.4.24.1. openSUSE Tumbleweed permissions versions prior to 20200624.

redhat логотип

CVE-2020-8025

CVSS3: 9.3
redhat
около 5 лет назад

A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of the pcp package to unintended settings. This issue affects: SUSE Linux Enterprise Server 12-SP4 permissions versions prior to 20170707-3.24.1. SUSE Linux Enterprise Server 15-LTSS permissions versions prior to 20180125-3.27.1. SUSE Linux Enterprise Server for SAP 15 permissions versions prior to 20180125-3.27.1. openSUSE Leap 15.1 permissions versions prior to 20181116-lp151.4.24.1. openSUSE Tumbleweed permissions versions prior to 20200624.

suse-cvrf логотип

SUSE-SU-2022:1873-1

suse-cvrf
больше 3 лет назад

Security update for pcp

suse-cvrf логотип

SUSE-SU-2022:1509-1

suse-cvrf
почти 4 года назад

Security update for pcp

suse-cvrf логотип

SUSE-SU-2021:1292-1

suse-cvrf
почти 5 лет назад

Security update for pcp

EPSS

Процентиль: 15%
0.00049
Низкий

6.1 Medium

CVSS3

9.3 Critical

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-279