CVE-2020-14019
Published
CVSS v3
7.8
HIGH
CVSS v2
4.6
MEDIUM
Affected
1
PROJECT
Description
Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.
Python library for configuring the Linux kernel-based multiprotocol SCSI target (LIO)
GitHub