Improper access control in lynis - CVE-2020-13882

 

Improper access control in lynis - CVE-2020-13882

Published: September 1, 2020


Vulnerability identifier: #VU46151
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2020-13882
CWE-ID: CWE-284
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: cisofy.com
Affected software:
lynis

Detailed vulnerability description

The vulnerability allows a local user to gain unauthorized access to sensitive information.

The vulnerability exists due to improper access restrictions due to a TOCTOU race condition. The routine to check the log and report file permissions was not working as intended and could be bypassed locally. Because of the race, an unprivileged attacker can set up a log and report file, and control that up to the point where the specific routine is doing its check. After that, the file can be removed, recreated, and used for additional attacks.


How to mitigate CVE-2020-13882

Install update from vendor's website.

Sources