{"containers":{"cna":{"affected":[{"product":"SUSE CaaS Platform 4.5","vendor":"SUSE","versions":[{"lessThan":"2.1.7","status":"affected","version":"suba","versionType":"custom"}]}],"credits":[{"lang":"en","value":"Johannes Segitz of SUSE"}],"datePublic":"2020-11-23T00:00:00.000Z","descriptions":[{"lang":"en","value":"A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":3.6,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-377","description":"CWE-377: Insecure Temporary File","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-02-11T16:00:20.000Z","orgId":"404e59f5-483d-4b8a-8e7a-e67604dd8afb","shortName":"suse"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1177361"}],"source":{"advisory":"https://bugzilla.suse.com/show_bug.cgi?id=1177361","defect":["1177361"],"discovery":"INTERNAL"},"title":"skuba: Insecure /tmp usage when joining node to cluster","x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@suse.com","DATE_PUBLIC":"2020-11-23T00:00:00.000Z","ID":"CVE-2020-8030","STATE":"PUBLIC","TITLE":"skuba: Insecure /tmp usage when joining node to cluster"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"SUSE CaaS Platform 4.5","version":{"version_data":[{"version_affected":"<","version_name":"suba","version_value":"2.1.7"}]}}]},"vendor_name":"SUSE"}]}},"credit":[{"lang":"eng","value":"Johannes Segitz of SUSE"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"NONE","baseScore":3.6,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-377: Insecure Temporary File"}]}]},"references":{"reference_data":[{"name":"https://bugzilla.suse.com/show_bug.cgi?id=1177361","refsource":"CONFIRM","url":"https://bugzilla.suse.com/show_bug.cgi?id=1177361"}]},"source":{"advisory":"https://bugzilla.suse.com/show_bug.cgi?id=1177361","defect":["1177361"],"discovery":"INTERNAL"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T09:48:24.680Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1177361"}]}]},"cveMetadata":{"assignerOrgId":"404e59f5-483d-4b8a-8e7a-e67604dd8afb","assignerShortName":"suse","cveId":"CVE-2020-8030","datePublished":"2021-02-11T16:00:21.071Z","dateReserved":"2020-01-27T00:00:00.000Z","dateUpdated":"2024-09-16T16:39:10.268Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}