Exploit
CVE-2020-8014
UNIX Symbolic Link (Symlink) Following (CWE-61)
Published: Jun 29, 2020 / Updated: 53mo ago

010

CVSS 7.8EPSS 0.04%High

CVE info copied to clipboard

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of kopano-spamd of openSUSE Leap 15.1, openSUSE Tumbleweed allowed local attackers with the privileges of the kopano user to escalate to root. This issue affects: openSUSE Leap 15.1 kopano-spamd versions prior to 10.0.5-lp151.4.1. openSUSE Tumbleweed kopano-spamd versions prior to 10.0.5-1.1.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2020-8014. See article

Jun 29, 2020 at 1:59 PM / nitter.net

EPSS

EPSS Score was set to: 0.04% (Percentile: 5.7%)

Sep 15, 2023 at 11:47 AM

Affected Systems

Opensuse/leap

+null more

Exploits

https://bugzilla.suse.com/show_bug.cgi?id=1164131

+null more

Patches

bugzilla.suse.com

+null more

Attack Patterns

CAPEC-27: Leveraging Race Conditions via Symbolic Links

+null more

CVSS V3.1

Attack Vector:Local

Attack Complexity:Low

Privileges Required:Low

User Interaction:None

Scope:Unchanged

Confidentiality:High

Integrity:High

Availability Impact:High

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI

Feedly Threat Intelligence 30-day free trial

ExploitCVE-2020-8014UNIX Symbolic Link (Symlink) Following (CWE-61)Published: Jun 29, 2020 / Updated: 53mo ago

Timeline

Affected Systems

Exploits

Patches

Attack Patterns

CVSS V3.1

Categories

Be the first to know about critical vulnerabilities

Exploit
CVE-2020-8014
UNIX Symbolic Link (Symlink) Following (CWE-61)
Published: Jun 29, 2020 / Updated: 53mo ago