Bug 1848143 (CVE-2020-13867)
| Field | Value | Field | Value |
|---|---|---|---|
| Summary: | CVE-2020-13867 targetcli: weak permissions for /etc/target and backup files | | |
| Product: | [Other] Security Response | Reporter: | Guilherme de Almeida Suckevicz <gsuckevi> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | | |
| Version: | unspecified | CC: | amctagga, andy, anharris, bniver, flucifre, gmeno, hvyas, mbenjamin, mhackett, mlombard, vereddy |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | targetcli-fb 2.1.53 | Doc Type: | If docs needed, set a value |
| Doc Text: | An access flaw was found in targetcli, where the `/etc/target` directory and the backup directory and files beneath it were world-readable. This flaw allows a local attacker to read potentially sensitive information, such as authentication credentials, from `/etc/target/saveconfig.json` and the backup files. The highest threat from this vulnerability is to confidentiality. | | |
| Story Points: | --- | | |
| Clone Of: | | Environment: | |
| Last Closed: | 2020-11-04 02:26:03 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
| Bug Depends On: | 1845167, 1848144, 1852768, 1853645, 1853646 | | |
| Bug Blocks: | 1848145 | | |
Description

Guilherme de Almeida Suckevicz 2020-06-17 19:02:40 UTC

Created targetcli tracking bugs for this issue:

Affects: fedora-all [bug 1848144]

Statement:

The version of targetcli shipped with Red Hat Ceph Storage 3 sets world-readable permissions on the `/etc/target` and `/etc/target/backup` directories, which store the sensitive information, and is hence affected by this vulnerability.

Mitigation:

    $ chmod -R og-rwx /etc/target

Future backup files will still be created with incorrect permissions, but attackers will not be able to access the target directory.

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-13867

This issue has been addressed in the following products:

Red Hat Enterprise Linux 8

Via RHSA-2020:4697 https://access.redhat.com/errata/RHSA-2020:4697

This issue has been addressed in the following products:

Red Hat Enterprise Linux 7

Via RHSA-2020:5434 https://access.redhat.com/errata/RHSA-2020:5434
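A check for the condition described above, added here as an example and not code from the bug report or from the targetcli project: it builds a constructed stand-in for the `/etc/target` layout in a temporary directory, lists every entry readable by group or others, applies the mitigation command from the comment, and re-checks. The fixture file names are assumptions, not the real files.

```shell
#!/bin/sh
# Added example: check a directory tree for group/other-readable entries,
# apply the advisory's mitigation, and re-check. Runs against a constructed
# copy of the /etc/target layout, never the real directory.

# Print every entry under $1 that is readable by group or others
# (octal -040 / -004, so it also works without GNU find's symbolic modes).
list_exposed() {
  find "$1" \( -perm -004 -o -perm -040 \) -print
}

# Number of exposed entries under $1.
count_exposed() {
  list_exposed "$1" | wc -l | tr -d ' '
}

# Succeed (exit 0) only if nothing under $1 is group- or other-readable.
check_dir() {
  [ "$(count_exposed "$1")" -eq 0 ]
}

# Mitigation from the advisory: strip group/other permissions recursively.
# Files that targetcli creates later are not covered by this one-off change.
harden_dir() {
  chmod -R og-rwx "$1"
}

# Constructed fixture mimicking the vulnerable layout (file names assumed):
# a 755 directory, a 755 backup subdirectory and two 644 JSON files.
make_fixture() {
  dir=$(mktemp -d)
  mkdir "$dir/backup"
  echo '{"targets": []}' > "$dir/saveconfig.json"
  echo '{"targets": []}' > "$dir/backup/saveconfig-example.json"
  chmod 755 "$dir" "$dir/backup"
  chmod 644 "$dir/saveconfig.json" "$dir/backup/saveconfig-example.json"
  printf '%s' "$dir"
}

# Demonstration when run directly: 4 exposed entries before, 0 after.
demo() {
  d=$(make_fixture)
  echo "before: $(count_exposed "$d") exposed entries"
  harden_dir "$d"
  echo "after:  $(count_exposed "$d") exposed entries"
  rm -rf "$d"
}

demo
```

Re-running `check_dir /etc/target` after the mitigation, for instance from a cron job, catches the backup files that targetcli will still create with the old permissions until the fixed version is installed.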