CVE-2020-8027 - Vulnerability Details - OpenCVE

A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Opensuse	Leap Openldap2
Suse	Linux Enterprise Server

Configuration 1 [-]

AND

cpe:2.3:a:opensuse:openldap2:*:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:ltss:*:*:*

Configuration 2 [-]

AND

cpe:2.3:a:opensuse:openldap2:*:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:*

Configuration 3 [-]

AND

cpe:2.3:a:opensuse:openldap2:*:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:a:opensuse:openldap2:*:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://bugzilla.suse.com/show_bug.cgi?id=1175568

History

No history.

MITRE

Status: PUBLISHED

Assigner: suse

Published: 2021-02-11T16:10:14.335132Z

Updated: 2024-09-16T17:54:21.630Z

Reserved: 2020-01-27T00:00:00

Link: CVE-2020-8027

Vulnrichment

No data.

NVD

Status : Modified

Published: 2021-02-11T16:15:12.790

Modified: 2024-11-21T05:38:14.947

Link: CVE-2020-8027

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "SUSE Linux Enterprise Server 15-LTSS", "vendor": "SUSE", "versions": [{"lessThan": "2.4.46-9.37.1", "status": "affected", "version": "openldap2", "versionType": "custom"}]}, {"product": "SUSE Linux Enterprise Server for SAP 15", "vendor": "SUSE", "versions": [{"lessThan": "2.4.46-9.37.1", "status": "affected", "version": "openldap2", "versionType": "custom"}]}, {"product": "openSUSE Leap 15.1", "vendor": "openSUSE", "versions": [{"lessThan": "2.4.46-lp151.10.18.1", "status": "affected", "version": "openldap2", "versionType": "custom"}]}, {"product": "openSUSE Leap 15.2", "vendor": "openSUSE", "versions": [{"lessThan": "2.4.46-lp152.14.9.1", "status": "affected", "version": "openldap2", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Thorsten Kukuk/Matthias Gerstner of SUSE"}], "datePublic": "2020-09-22T00:00:00", "descriptions": [{"lang": "en", "value": "A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-377", "description": "CWE-377: Insecure Temporary File", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-02-11T16:10:14", "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175568"}], "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1175568", "defect": ["1175568"], "discovery": "INTERNAL"}, "title": "openldap uses fixed paths in /tmp", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2020-09-22T00:00:00.000Z", "ID": "CVE-2020-8027", "STATE": "PUBLIC", "TITLE": "openldap uses fixed paths in /tmp"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SUSE Linux Enterprise Server 15-LTSS", "version": {"version_data": [{"version_affected": "<", "version_name": "openldap2", "version_value": "2.4.46-9.37.1"}]}}, {"product_name": "SUSE Linux Enterprise Server for SAP 15", "version": {"version_data": [{"version_affected": "<", "version_name": "openldap2", "version_value": "2.4.46-9.37.1"}]}}]}, "vendor_name": "SUSE"}, {"product": {"product_data": [{"product_name": "openSUSE Leap 15.1", "version": {"version_data": [{"version_affected": "<", "version_name": "openldap2", "version_value": "2.4.46-lp151.10.18.1"}]}}, {"product_name": "openSUSE Leap 15.2", "version": {"version_data": [{"version_affected": "<", "version_name": "openldap2", "version_value": "2.4.46-lp152.14.9.1"}]}}]}, "vendor_name": "openSUSE"}]}}, "credit": [{"lang": "eng", "value": "Thorsten Kukuk/Matthias Gerstner of SUSE"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-377: Insecure Temporary File"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.suse.com/show_bug.cgi?id=1175568", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175568"}]}, "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1175568", "defect": ["1175568"], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:48:24.820Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175568"}]}]}, "cveMetadata": {"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "assignerShortName": "suse", "cveId": "CVE-2020-8027", "datePublished": "2021-02-11T16:10:14.335132Z", "dateReserved": "2020-01-27T00:00:00", "dateUpdated": "2024-09-16T17:54:21.630Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:openldap2:*:*:*:*:*:*:*:*", "matchCriteriaId": "32AA5B50-3127-4257-A560-8289BAD64900", "versionEndExcluding": "2.4.46-9.37.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:ltss:*:*:*", "matchCriteriaId": "6027470B-9B9F-4AB3-8A0D-41506F7E9183", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:openldap2:*:*:*:*:*:*:*:*", "matchCriteriaId": "32AA5B50-3127-4257-A560-8289BAD64900", "versionEndExcluding": "2.4.46-9.37.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:*", "matchCriteriaId": "C665A768-DBDA-4197-9159-A2791E98A84F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:openldap2:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BFD4325-0A81-4DD7-858E-F326E6A1B173", "versionEndExcluding": "2.4.46-lp151.10.18.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:openldap2:*:*:*:*:*:*:*:*", "matchCriteriaId": "A5AD8803-F071-4AB4-BA29-4F7AD8B3C44E", "versionEndExcluding": "2.4.46-lp152.14.9.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1."}, {"lang": "es", "value": "Una vulnerabilidad de archivo temporal no seguro en openldap2 de SUSE Linux Enterprise Server versi\u00f3n 15-LTSS, SUSE Linux Enterprise Server para SAP versi\u00f3n 15; openSUSE Leap versi\u00f3n 15.1, openSUSE Leap versi\u00f3n 15.2, permite a atacantes locales sobrescribir archivos arbitrarios y obtener acceso a la configuraci\u00f3n de openldap2. Este problema afecta a: openldap2 de SUSE Linux Enterprise Server versi\u00f3n 15-LTSS versiones anteriores a 2.4.46-9.37.1. openldap2 de SUSE Linux Enterprise Server para SAP versi\u00f3n 15 versiones anteriores a 2.4.46-9.37.1. openldap2 de openSUSE Leap versi\u00f3n 15.1 versiones anteriores a 2.4.46-lp151.10.18.1. openldap2 de openSUSE Leap versi\u00f3n 15.2 versiones anteriores a 2.4.46-lp152.14.9.1"}], "id": "CVE-2020-8027", "lastModified": "2024-11-21T05:38:14.947", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 4.7, "source": "meissner@suse.de", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 4.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-11T16:15:12.790", "references": [{"source": "meissner@suse.de", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175568"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175568"}], "sourceIdentifier": "meissner@suse.de", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-377"}], "source": "meissner@suse.de", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Secondary"}]}