First published: Mon Nov 23 2020(Updated: )
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.
Credit: meissner@suse.de
Affected Software | Affected Version | How to fix |
---|---|---|
SUSE CaaS Platform | =4.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this vulnerability is CVE-2020-8030.
The title of this vulnerability is 'A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to...'
The affected software for this vulnerability is SUSE CaaS Platform 4.5.
The severity level of this vulnerability is medium (4.4).
This vulnerability can be exploited by local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.