A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2020-04-15T00:00:00
Updated: 2024-08-04T11:06:11.137Z
Reserved: 2020-03-20T00:00:00
Link: CVE-2020-10699
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-04-15T14:15:19.873
Modified: 2024-11-21T04:55:52.773
Link: CVE-2020-10699
Redhat