CVE-2020-8021
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Summary
a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| openSUSE | Open Build Service | Open Build Service < 2.10.5 | affected |
Weaknesses
- CWE-269: CWE-269: Improper Privilege Management
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.suse.com/show_bug.cgi?id=1171649
- https://lists.debian.org/debian-lts-announce/2021/02/msg00006.html
References
- https://bugzilla.suse.com/show_bug.cgi?id=1171649
- https://lists.debian.org/debian-lts-announce/2021/02/msg00006.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.