CVE Identifier: CVE-2020-12831
Vulnerability Type: Default permission issue
Impact: Eases information leaks
Product: Security Response
Component: vulnerability
Operating System: Linux
Priority: medium
Severity: medium
Status: CLOSED ERRATA
Last Closed: 2020-11-04 02:25:15 UTC
Red Hat Security Advisory: RHSA-2020:4619

Description of problem:
By default, frr creates empty configuration files with too wide permissions. The file, which contains BGP passwords for peerings/sessions, should have proper default permissions to prevent information leaks.

Steps to Reproduce:
1. Install frr
2. Modify configuration files
3. Start frr service
4. Check permissions of
5. Check permissions of

Actual results:
is world-readable by default.

Expected results:
should have permissions like 640 by default.

References:
- FRRouting frr tool
- Upstream commit for this issue
- Red Hat Security Advisory
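A check for the condition this report describes, as an added example that is not part of the original report or of the frr project: it lists regular files in a configuration directory whose mode is wider than 640, tightens them, and shows a umask that creates new files as 640. The function names and the directory argument are assumptions, and the demonstration uses constructed files in a temporary directory rather than any frr path.

```shell
#!/bin/sh
# Added example (not frr code): audit a config directory for modes wider than 640.
# The directory is passed as an argument; no frr path is assumed.

# Match regular files with any bit outside 0640 set: owner x, group w/x,
# or any "other" bit. Single-bit "-perm -MODE" tests OR-ed together are POSIX.
find_wide() {
    dir=$1; shift
    find "$dir" -type f \( -perm -0100 -o -perm -0020 -o -perm -0010 \
        -o -perm -0004 -o -perm -0002 -o -perm -0001 \) "$@"
}

# Print each file whose permissions are wider than 640.
audit_conf_perms() {
    find_wide "$1" -print
}

# Number of offending files; 0 means the directory passes the check.
count_wide_files() {
    audit_conf_perms "$1" | wc -l | tr -d ' '
}

# Tighten every offending file to 640.
fix_conf_perms() {
    find_wide "$1" -exec chmod 640 {} +
}

# Create a new, empty file as 640 regardless of the caller's umask
# (666 masked by 027). An already existing file keeps its old mode.
create_conf_640() {
    ( umask 027 && : > "$1" )
}

# Constructed demonstration: one file created under a common default umask
# (022, giving 644) and one created with the restrictive umask.
demo() {
    d=$(mktemp -d) || return 1
    ( umask 022 && : > "$d/daemon_a.conf" )
    create_conf_640 "$d/daemon_b.conf"
    echo "before: $(count_wide_files "$d") file(s) wider than 640"
    audit_conf_perms "$d"
    fix_conf_perms "$d"
    echo "after:  $(count_wide_files "$d") file(s) wider than 640"
    rm -rf "$d"
}

demo
```

Run `audit_conf_perms` against the daemon's configuration directory after package installation and again after the service has started, since the report concerns files the service creates by default.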