CVE-2020-14004

Published: Jun 12, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by followed and arbitrary files can be changed to mode 2750 by the unprivileged icinga2 user.

Affected (6)

Products: Icinga: Icinga · Opensuse: Backports Sle, Leap

1 product

2 products

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Icinga Icinga	From 2.0.0 to 2.11.3
Icinga Icinga	Version 2.12.0 rc1

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Opensuse Backports Sle	Version 15.0 sp1
Opensuse Backports Sle	Version 15.0 sp2
Opensuse Leap	Version 15.1
Opensuse Leap	Version 15.2

Related CWEs

Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

References (12)

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00014.html

Source: cve@mitre.org

Broken LinkMailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2020/06/12/1

Source: cve@mitre.org

ExploitMailing ListThird Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2020-14004

Source: cve@mitre.org

Broken LinkIssue Tracking

https://github.com/Icinga/icinga2/compare/v2.12.0-rc1...master

Source: cve@mitre.org

Third Party Advisory

https://github.com/Icinga/icinga2/pull/8045/commits/2f0f2e8c355b75fa4407d23f85feea037d2bc4b6

Source: cve@mitre.org

PatchThird Party Advisory

https://github.com/Icinga/icinga2/releases

Source: cve@mitre.org

Release NotesThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00014.html

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkMailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2020/06/12/1

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListThird Party Advisory

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2020-14004

Source: af854a3a-2127-422b-91ae-364da2661108

Broken LinkIssue Tracking

https://github.com/Icinga/icinga2/compare/v2.12.0-rc1...master

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://github.com/Icinga/icinga2/pull/8045/commits/2f0f2e8c355b75fa4407d23f85feea037d2bc4b6

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://github.com/Icinga/icinga2/releases

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesThird Party Advisory

Timeline

No history available yet.