VYPR
Unrated severityNVD Advisory· Published Jan 21, 2020· Updated Aug 4, 2024

CVE-2020-7040

CVE-2020-7040

Description

storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that file.)

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.