CVE-2020-14019
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-14019
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-14019.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-14019
- Aliases
- Downstream
- Related
- Published
- 2020-06-19T11:15:10.260Z
- Modified
- 2025-11-20T11:12:40.338667Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.
- References
Affected packages
Git / github.com/open-iscsi/rtslib-fb
Affected ranges
- Type
- GIT
- Repo
- https://github.com/open-iscsi/rtslib-fb
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
1.*
1.90
1.95
1.99
2.*
2.0
2.1
v2.*
v2.1.70
v2.1.71
v2.1.72
v2.1.fb1
v2.1.fb10
v2.1.fb11
v2.1.fb12
v2.1.fb13
v2.1.fb14
v2.1.fb15
v2.1.fb16
v2.1.fb17
v2.1.fb18
v2.1.fb19
v2.1.fb2
v2.1.fb20
v2.1.fb21
v2.1.fb22
v2.1.fb23
v2.1.fb24
v2.1.fb25
v2.1.fb26
v2.1.fb27
v2.1.fb28
v2.1.fb29
v2.1.fb3
v2.1.fb30
v2.1.fb31
v2.1.fb32
v2.1.fb33
v2.1.fb34
v2.1.fb35
v2.1.fb36
v2.1.fb37
v2.1.fb38
v2.1.fb39
v2.1.fb4
v2.1.fb40
v2.1.fb41
v2.1.fb42
v2.1.fb43
v2.1.fb44
v2.1.fb45
v2.1.fb46
v2.1.fb47
v2.1.fb48
v2.1.fb49
v2.1.fb5
v2.1.fb50
v2.1.fb51
v2.1.fb52
v2.1.fb53
v2.1.fb54
v2.1.fb55
v2.1.fb56
v2.1.fb57
v2.1.fb58
v2.1.fb59
v2.1.fb6
v2.1.fb60
v2.1.fb61
v2.1.fb62
v2.1.fb63
v2.1.fb64
v2.1.fb65
v2.1.fb66
v2.1.fb67
v2.1.fb68
v2.1.fb69
v2.1.fb7
v2.1.fb8
v2.1.fb9