I. Basic Information for CVE-2020-8022
Vulnerability Information

Vulnerability Title
User-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of privileges
Source: NVD (National Vulnerability Database)
Vulnerability Description
An Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
Incorrect Default Permissions
Source: NVD (National Vulnerability Database)
Vulnerability Title
Security vulnerability in tomcat in multiple SUSE products
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
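SUSE Linux Enterprise Server and SUSE Enterprise Storage are both products of the German company SUSE. SUSE Linux Enterprise Server is an enterprise server edition of the Linux operating system. SUSE Enterprise Storage is a software-defined storage solution. A security vulnerability exists in tomcat in multiple SUSE products. A local attacker can exploit this vulnerability to escalate privileges. The following products and versions are affected: SUSE Enterprise Storage 5 (tomcat versions prior to 8.0.53-29.32.1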
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
Vendor | Product | Affected Versions | CPE
SUSE | SUSE Enterprise Storage 5 | tomcat ~ 8.0.53-29.32.1 | -
SUSE | SUSE Linux Enterprise Server 12-SP2-BCL | tomcat ~ 8.0.53-29.32.1 | -
SUSE | SUSE Linux Enterprise Server 12-SP2-LTSS | tomcat ~ 8.0.53-29.32.1 | -
SUSE | SUSE Linux Enterprise Server 12-SP3-BCL | tomcat ~ 8.0.53-29.32.1 | -
SUSE | SUSE Linux Enterprise Server 12-SP3-LTSS | tomcat ~ 8.0.53-29.32.1 | -
SUSE | SUSE Linux Enterprise Server 12-SP4 | tomcat ~ 9.0.35-3.39.1 | -
SUSE | SUSE Linux Enterprise Server 12-SP5 | tomcat ~ 9.0.35-3.39.1 | -
SUSE | SUSE Linux Enterprise Server 15-LTSS | tomcat ~ 9.0.35-3.57.3 | -
SUSE | SUSE Linux Enterprise Server for SAP 12-SP2 | tomcat ~ 8.0.53-29.32.1 | -
SUSE | SUSE Linux Enterprise Server for SAP 12-SP3 | tomcat ~ 8.0.53-29.32.1 | -
SUSE | SUSE Linux Enterprise Server for SAP 15 | tomcat ~ 9.0.35-3.57.3 | -
SUSE | SUSE OpenStack Cloud 7 | tomcat ~ 8.0.53-29.32.1 | -
SUSE | SUSE OpenStack Cloud 8 | tomcat ~ 8.0.53-29.32.1 | -
SUSE | SUSE OpenStack Cloud Crowbar 8 | tomcat ~ 8.0.53-29.32.1 | -
II. Public POCs for CVE-2020-8022
No public POC found.
