CVE-2020-13867
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-13867
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13867.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-13867
- Downstream
- Related
- Published
- 2020-06-05T18:15:13.510Z
- Modified
- 2025-11-20T11:12:23.681992Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files).
- References
-
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00005.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LANBGRCCZBPKKBD5ZMJS7C7DYAHYR6B/
- https://github.com/open-iscsi/targetcli-fb/pull/172
- https://security.gentoo.org/glsa/202008-22
Affected packages
Git / github.com/open-iscsi/targetcli-fb
Affected ranges
- Type
- GIT
- Repo
- https://github.com/open-iscsi/targetcli-fb
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
1.*
1.99
2.*
2.0rc1
v2.*
v2.0.fb20
v2.0.fb21
v2.0.fb22
v2.0rc1.fb1
v2.0rc1.fb10
v2.0rc1.fb11
v2.0rc1.fb12
v2.0rc1.fb13
v2.0rc1.fb14
v2.0rc1.fb15
v2.0rc1.fb16
v2.0rc1.fb17
v2.0rc1.fb18
v2.0rc1.fb19
v2.0rc1.fb2
v2.0rc1.fb3
v2.0rc1.fb4
v2.0rc1.fb5
v2.0rc1.fb6
v2.0rc1.fb7
v2.0rc1.fb8
v2.0rc1.fb9
v2.1.50
v2.1.51
v2.1.52
v2.1.fb22
v2.1.fb23
v2.1.fb24
v2.1.fb25
v2.1.fb26
v2.1.fb27
v2.1.fb28
v2.1.fb29
v2.1.fb30
v2.1.fb31
v2.1.fb32
v2.1.fb33
v2.1.fb34
v2.1.fb35
v2.1.fb36
v2.1.fb37
v2.1.fb38
v2.1.fb39
v2.1.fb40
v2.1.fb41
v2.1.fb42
v2.1.fb43
v2.1.fb44
v2.1.fb45
v2.1.fb46
v2.1.fb47
v2.1.fb48
v2.1.fb49