CVE-2020-8030

EUVD-2020-28942
A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.6 LOW
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
suseCNA
3.6 LOW
LOCAL
HIGH
NONE
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Affected Products (NVD)
VendorProductVersion
susecaas_platform
4.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://bugzilla.suse.com/show_bug.cgi?id=1177361
https://bugzilla.suse.com/show_bug.cgi?id=1177361