Home > Vulnerability Database > CVE-2020-8030

Mend.io Vulnerability Database

CVE-2020-8030

Good to know:

Date: February 11, 2021

A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.

Language: Go

Severity Score

4.4

Related Resources (3)

Url: https://nvd.nist.gov/vuln/detail/CVE-2020-8030

Url: https://bugzilla.suse.com/show_bug.cgi?id=1177361

Url: https://www.mend.io/vulnerability-database/CVE-2020-8030

Severity Score

4.4

Weakness Type (CWE)

Insecure Temporary File

CWE-377

Top Fix

Upgrade Version

Upgrade to version 2.1.7

Learn More

CVSS v3.1

Base Score:	4.4
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	3.6
Access Vector (AV):	LOCAL
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2020-8030

Good to know:

Date: February 11, 2021

Language: Go

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?