HIGH🇵🇱 Wersja polska

CVE-2020-8026

CVSS 8.4v3.1pub. 2020-08-07upd. 2024-11-21

A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions.

CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Opensuse Backports Sle

    APP
    Opensuse
    15.0
  • Opensuse Leap

    OS
    Opensuse
    15.115.2
  • Opensuse Tumbleweed

    APP
    Opensuse
    ≤ 2.6.2-4.2
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2020-16846CRITICAL9.8⚠ KEVten sam produkt

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the...

CVE-2020-15999CRITICAL9.6⚠ KEVten sam produkt

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentia...

CVE-2020-12641CRITICAL9.8⚠ KEVten sam produkt

rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacha...

CVE-2020-11651CRITICAL9.8⚠ KEVten sam produkt

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process Clea...