OVAL Reference oval:org.opensuse.security:def:20208029

Oval Definition:

oval:org.opensuse.security:def:20208029

Revision Date:	2022-05-22	Version:	1
Title:	CVE-2020-8029
Description:	A Incorrect Permission Assignment for Critical Resource vulnerability in skuba of SUSE CaaS Platform 4.5 allows local attackers to gain access to the kublet key. This issue affects: SUSE CaaS Platform 4.5 skuba versions prior to https://github.com/SUSE/skuba/pull/1416.
Family:	unix	Class:	vulnerability
Status:		Reference(s):	Mitre CVE-2020-8029 SUSE CVE-2020-8029 SUSE-CU-2020:822-1 SUSE-CU-2020:825-1 SUSE-CU-2020:831-1 SUSE-CU-2020:832-1 SUSE-CU-2020:833-1 SUSE-CU-2020:834-1 SUSE-CU-2020:837-1 SUSE-CU-2020:848-1 SUSE-CU-2020:849-1 SUSE-CU-2020:850-1 SUSE-CU-2020:851-1 SUSE-CU-2020:852-1 SUSE-SU-2020:3761-1
Platform(s):	SUSE CaaS Platform 4.0 SUSE CaaS Platform 4.5	Product(s):
Definition Synopsis
SUSE CaaS Platform 4.5 is installed AND Package Information caasp-release-4.5.2-1.8.2 is installed OR cri-o-1.18-1.18.4-4.3.2 is installed OR cri-o-1.18-kubeadm-criconfig-1.18.4-4.3.2 is installed OR etcdctl-3.4.13-3.3.1 is installed OR helm2-2.16.12-3.3.1 is installed OR helm3-3.3.3-3.8.1 is installed OR kubernetes-1.18-kubeadm-1.18.10-4.3.1 is installed OR kubernetes-1.18-kubelet-1.18.10-4.3.1 is installed OR patterns-caasp-Management-4.5-3.3.1 is installed OR skuba-2.1.11-3.10.1 is installed OR skuba-update-2.1.11-3.10.1 is installed OR velero-1.4.2-3.3.1 is installed
Definition Synopsis
SUSE CaaS Platform 4.0 is installed AND Package Information skuba is affected OR skuba-update is affected

BACK