{"id":"CVE-2020-14019","details":"Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.","aliases":["GHSA-cpcw-p965-wpqx","PYSEC-2020-250"],"modified":"2026-04-16T04:32:57.289934019Z","published":"2020-06-19T11:15:10.260Z","related":["SUSE-SU-2020:2109-1","openSUSE-SU-2020:1156-1","openSUSE-SU-2024:11270-1"],"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00012.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TNMCV2DJJTX345YYBXAMJBXNNVUZQ5UH/"},{"type":"ADVISORY","url":"https://github.com/open-iscsi/rtslib-fb/pull/162"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/open-iscsi/rtslib-fb","events":[{"introduced":"0"},{"last_affected":"a638b771f189fcede260c007b55184340347e7b0"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.1.72"}]}}],"versions":["1.90","1.95","1.99","2.0","2.1","v2.1.70","v2.1.71","v2.1.72","v2.1.fb1","v2.1.fb10","v2.1.fb11","v2.1.fb12","v2.1.fb13","v2.1.fb14","v2.1.fb15","v2.1.fb16","v2.1.fb17","v2.1.fb18","v2.1.fb19","v2.1.fb2","v2.1.fb20","v2.1.fb21","v2.1.fb22","v2.1.fb23","v2.1.fb24","v2.1.fb25","v2.1.fb26","v2.1.fb27","v2.1.fb28","v2.1.fb29","v2.1.fb3","v2.1.fb30","v2.1.fb31","v2.1.fb32","v2.1.fb33","v2.1.fb34","v2.1.fb35","v2.1.fb36","v2.1.fb37","v2.1.fb38","v2.1.fb39","v2.1.fb4","v2.1.fb40","v2.1.fb41","v2.1.fb42","v2.1.fb43","v2.1.fb44","v2.1.fb45","v2.1.fb46","v2.1.fb47","v2.1.fb48","v2.1.fb49","v2.1.fb5","v2.1.fb50","v2.1.fb51","v2.1.fb52","v2.1.fb53","v2.1.fb54","v2.1.fb55","v2.1.fb56","v2.1.fb57","v2.1.fb58","v2.1.fb59","v2.1.fb6","v2.1.fb60","v2.1.fb61","v2.1.fb62","v2.1.fb63","v2.1.fb64","v2.1.fb65","v2.1.fb66","v2.1.fb67","v2.1.fb68","v2.1.fb69","v2.1.fb7","v2.1.fb8","v2.1.fb9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-14019.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}