{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2020-8030","title":"Title"},{"category":"description","text":"A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2020-8030","url":"https://www.suse.com/security/cve/CVE-2020-8030"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1177361 for CVE-2020-8030","url":"https://bugzilla.suse.com/1177361"}],"title":"SUSE CVE CVE-2020-8030","tracking":{"current_release_date":"2025-04-25T05:42:42Z","generator":{"date":"2023-02-15T04:01:36Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2020-8030","initial_release_date":"2023-02-15T04:01:36Z","revision_history":[{"date":"2023-02-15T04:01:36Z","number":"2","summary":"Current version"},{"date":"2025-01-01T05:50:32Z","number":"3","summary":"Current version"},{"date":"2025-02-15T06:27:30Z","number":"4","summary":"Current version"},{"date":"2025-02-17T06:48:45Z","number":"5","summary":"Current version"},{"date":"2025-03-13T16:59:19Z","number":"6","summary":"Current version"},{"date":"2025-03-15T10:09:02Z","number":"7","summary":"Current version"},{"date":"2025-04-25T05:42:42Z","number":"8","summary":"Current version"}],"status":"interim","version":"8"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE CaaS Platform 4.0","product":{"name":"SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:caasp:4.0"}}},{"category":"product_version","name":"skuba","product":{"name":"skuba","product_id":"skuba","product_identification_helper":{"purl":"pkg:rpm/suse/skuba@?upstream=skuba.src.rpm"}}},{"category":"product_version","name":"skuba-update","product":{"name":"skuba-update","product_id":"skuba-update","product_identification_helper":{"purl":"pkg:rpm/suse/skuba-update@?upstream=skuba.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"skuba as component of SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0:skuba"},"product_reference":"skuba","relates_to_product_reference":"SUSE CaaS Platform 4.0"},{"category":"default_component_of","full_product_name":{"name":"skuba-update as component of SUSE CaaS Platform 4.0","product_id":"SUSE CaaS Platform 4.0:skuba-update"},"product_reference":"skuba-update","relates_to_product_reference":"SUSE CaaS Platform 4.0"}]},"vulnerabilities":[{"cve":"CVE-2020-8030","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2020-8030"}],"notes":[{"category":"general","text":"A Insecure Temporary File vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to leak the bootstrapToken or modify the configuration file before it is processed, leading to arbitrary modifications of the machine/cluster.","title":"CVE description"}],"product_status":{"known_affected":["SUSE CaaS Platform 4.0:skuba","SUSE CaaS Platform 4.0:skuba-update"]},"references":[{"category":"external","summary":"CVE-2020-8030","url":"https://www.suse.com/security/cve/CVE-2020-8030"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1177361 for CVE-2020-8030","url":"https://bugzilla.suse.com/1177361"}],"threats":[{"category":"impact","date":"2020-10-06T11:41:47Z","details":"moderate"}],"title":"CVE-2020-8030"}]}