vulnerability
SUSE: CVE-2020-15396: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | Jun 30, 2020 | Aug 15, 2020 | Oct 22, 2021 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Jun 30, 2020
Added
Aug 15, 2020
Modified
Oct 22, 2021
Description
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
Solutions
suse-upgrade-hylafaxsuse-upgrade-hylafax-clientsuse-upgrade-libfaxutil7_0_3
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.