open-iscsi/targetcli-fb

Releases69

Frequency2 months 2 weeks

Last Release 6 months ago

Stars120

Command shell for managing Linux LIO kernel target

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-13867 ↗	Jun 5, 2020Friday, 5 June 2020, 18:15	5.5 MEDIUM	2.1 LOW
Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files).
CVE-2020-10699 ↗	Apr 15, 2020Wednesday, 15 April 2020, 14:15	7.8 HIGH	7.2 HIGH
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root.