VYPR
Unrated severityNVD Advisory· Published Jun 29, 2020· Updated Sep 17, 2024

kopano-python-services: Local privilege escalation from kopano to root in kopano-spamd subpackage

CVE-2020-8014

Description

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of kopano-spamd of openSUSE Leap 15.1, openSUSE Tumbleweed allowed local attackers with the privileges of the kopano user to escalate to root. This issue affects: openSUSE Leap 15.1 kopano-spamd versions prior to 10.0.5-lp151.4.1. openSUSE Tumbleweed kopano-spamd versions prior to 10.0.5-1.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Range: <=10.0.5-lp151.4.1 on Leap 15.1; <=10.0.5-1.1 on Tumbleweed
  • openSUSE/openSUSE Leap 15.1v5
    Range: kopano-spamd
  • openSUSE/openSUSE Tumbleweedv5
    Range: kopano-spamd

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.