CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-14019

Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.9%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 4.6

References

Products affected by CVE-2020-14019

Rtslib-Fb Project » Rtslib-Fb » Version: 1.90

cpe:2.3:a:rtslib-fb_project:rtslib-fb:1.90
Rtslib-Fb Project » Rtslib-Fb » Version: 1.95

cpe:2.3:a:rtslib-fb_project:rtslib-fb:1.95
Rtslib-Fb Project » Rtslib-Fb » Version: 1.99

cpe:2.3:a:rtslib-fb_project:rtslib-fb:1.99
Rtslib-Fb Project » Rtslib-Fb » Version: 2.0

cpe:2.3:a:rtslib-fb_project:rtslib-fb:2.0
Rtslib-Fb Project » Rtslib-Fb » Version: 2.1

cpe:2.3:a:rtslib-fb_project:rtslib-fb:2.1
Rtslib-Fb Project » Rtslib-Fb » Version: 2.1.70

cpe:2.3:a:rtslib-fb_project:rtslib-fb:2.1.70
Rtslib-Fb Project » Rtslib-Fb » Version: 2.1.71

cpe:2.3:a:rtslib-fb_project:rtslib-fb:2.1.71
Rtslib-Fb Project » Rtslib-Fb » Version: 2.1.72

cpe:2.3:a:rtslib-fb_project:rtslib-fb:2.1.72

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-14019

Products

Pricing

Contact Us