CVE-2020-14019

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-14019
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-14019.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-14019
Aliases
Related
Published
2020-06-19T11:15:10Z
Modified
2025-02-19T03:06:59.861531Z
Downstream
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.

References

Affected packages

Debian:11 / python-rtslib-fb

Package

Name
python-rtslib-fb
Purl
pkg:deb/debian/python-rtslib-fb?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.71-3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:12 / python-rtslib-fb

Package

Name
python-rtslib-fb
Purl
pkg:deb/debian/python-rtslib-fb?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.71-3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / python-rtslib-fb

Package

Name
python-rtslib-fb
Purl
pkg:deb/debian/python-rtslib-fb?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.1.71-3

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Git / github.com/open-iscsi/rtslib-fb

Affected ranges

Type
GIT
Repo
https://github.com/open-iscsi/rtslib-fb
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a638b771f189fcede260c007b55184340347e7b0

Affected versions

1.*

1.90
1.95
1.99

2.*

2.0
2.1

v2.*

v2.1.70
v2.1.71
v2.1.72
v2.1.fb1
v2.1.fb10
v2.1.fb11
v2.1.fb12
v2.1.fb13
v2.1.fb14
v2.1.fb15
v2.1.fb16
v2.1.fb17
v2.1.fb18
v2.1.fb19
v2.1.fb2
v2.1.fb20
v2.1.fb21
v2.1.fb22
v2.1.fb23
v2.1.fb24
v2.1.fb25
v2.1.fb26
v2.1.fb27
v2.1.fb28
v2.1.fb29
v2.1.fb3
v2.1.fb30
v2.1.fb31
v2.1.fb32
v2.1.fb33
v2.1.fb34
v2.1.fb35
v2.1.fb36
v2.1.fb37
v2.1.fb38
v2.1.fb39
v2.1.fb4
v2.1.fb40
v2.1.fb41
v2.1.fb42
v2.1.fb43
v2.1.fb44
v2.1.fb45
v2.1.fb46
v2.1.fb47
v2.1.fb48
v2.1.fb49
v2.1.fb5
v2.1.fb50
v2.1.fb51
v2.1.fb52
v2.1.fb53
v2.1.fb54
v2.1.fb55
v2.1.fb56
v2.1.fb57
v2.1.fb58
v2.1.fb59
v2.1.fb6
v2.1.fb60
v2.1.fb61
v2.1.fb62
v2.1.fb63
v2.1.fb64
v2.1.fb65
v2.1.fb66
v2.1.fb67
v2.1.fb68
v2.1.fb69
v2.1.fb7
v2.1.fb8
v2.1.fb9