CVE-2020-36771

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2020-36771
CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
http://packetstormsecurity.com/files/176790/CloudLinux-CageFS-7.1.1-1-Token-Disclosure.html Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2024/Jan/24 Exploit Mailing List Third Party Advisory
https://blog.cloudlinux.com/cagefs-lve-wrappers-and-bsock-have-been-rolled-out-to-100 Release Notes
https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-01_CloudLinux_CageFS_Token_Disclosure
Configurations

Configuration 1 (hide)

cpe:2.3:a:cloudlinux:cagefs:*:*:*:*:*:*:*:*
History

28 Mar 2024, 19:15

Type Values Removed Values Added
Summary (en) CloudLinux CageFS 7.1.1-1 or below passes the authentication token as command line argument. In some configurations this allows local users to view it via the process list and gain code execution as another user. (en) CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and gain code execution as another user.
References
  • () https://github.com/sbaresearch/advisories/tree/public/2020/SBA-ADV-20200707-01_CloudLinux_CageFS_Token_Disclosure -

29 Jan 2024, 17:26

Type Values Removed Values Added
CWE NVD-CWE-noinfo
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 7.8
CPE cpe:2.3:a:cloudlinux:cagefs:*:*:*:*:*:*:*:*
First Time Cloudlinux
Cloudlinux cagefs
References () https://blog.cloudlinux.com/cagefs-lve-wrappers-and-bsock-have-been-rolled-out-to-100 - () https://blog.cloudlinux.com/cagefs-lve-wrappers-and-bsock-have-been-rolled-out-to-100 - Release Notes
References () http://packetstormsecurity.com/files/176790/CloudLinux-CageFS-7.1.1-1-Token-Disclosure.html - () http://packetstormsecurity.com/files/176790/CloudLinux-CageFS-7.1.1-1-Token-Disclosure.html - Exploit, Third Party Advisory, VDB Entry
References () http://seclists.org/fulldisclosure/2024/Jan/24 - () http://seclists.org/fulldisclosure/2024/Jan/24 - Exploit, Mailing List, Third Party Advisory

26 Jan 2024, 17:15

Type Values Removed Values Added
References
  • () http://packetstormsecurity.com/files/176790/CloudLinux-CageFS-7.1.1-1-Token-Disclosure.html -

26 Jan 2024, 16:15

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/Jan/24 -

22 Jan 2024, 14:33

Type Values Removed Values Added
New CVE
Information

Published : 2024-01-22 14:15

Updated : 2024-03-28 19:15

NVD link : CVE-2020-36771

Mitre link : CVE-2020-36771

CVE.ORG link : CVE-2020-36771

JSON object : View

Products Affected

cloudlinux

  • cagefs
CWE
NVD-CWE-noinfo CWE-214

Invocation of Process Using Visible Sensitive Information