open-iscsi/rtslib-fb on GitHub
Python library for configuring the Linux kernel-based multiprotocol SCSI target (LIO)
CVE History
CVE | Published | CVSS v2 | CVSS v3 |
---|---|---|---|
CVE-2020-14019 | 7.8 HIGH | 4.6 MEDIUM | |
Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved. |