All the vulnerabilites related to openSUSE - openSUSE Leap 15.2
cve-2021-31998
Vulnerability from cvelistv5
Published
2021-06-10 11:25
Modified
2024-09-16 22:40
Summary
inn: %post calls user owned file allowing local privilege escalation to root
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T23:10:31.424Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182321"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 11-SP3",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThanOrEqual": "inn-2.4.2-170.21.3.1",
              "status": "affected",
              "version": "inn",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Backports SLE-15-SP2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.6.2",
              "status": "affected",
              "version": "inn",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.6.2",
              "status": "affected",
              "version": "inn",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz of SUSE"
        }
      ],
      "datePublic": "2021-05-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276: Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-06-10T11:25:11",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182321"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1182321",
        "defect": [
          "1182321"
        ],
        "discovery": "INTERNAL"
      },
      "title": "inn: %post calls user owned file allowing local privilege escalation to root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
          "ID": "CVE-2021-31998",
          "STATE": "PUBLIC",
          "TITLE": "inn: %post calls user owned file allowing local privilege escalation to root"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 11-SP3",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "inn",
                            "version_value": "inn-2.4.2-170.21.3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "openSUSE Backports SLE-15-SP2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "inn",
                            "version_value": "2.6.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "openSUSE Leap 15.2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "inn",
                            "version_value": "2.6.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-276: Incorrect Default Permissions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1182321",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182321"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1182321",
          "defect": [
            "1182321"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2021-31998",
    "datePublished": "2021-06-10T11:25:11.178555Z",
    "dateReserved": "2021-05-03T00:00:00",
    "dateUpdated": "2024-09-16T22:40:51.163Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-8026
Vulnerability from cvelistv5
Published
2020-08-07 09:25
Modified
2024-09-16 16:57
Summary
inn: non-root owned files
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:48:24.996Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172573"
          },
          {
            "name": "openSUSE-SU-2020:1271",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00064.html"
          },
          {
            "name": "openSUSE-SU-2020:1272",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00063.html"
          },
          {
            "name": "openSUSE-SU-2020:1304",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00074.html"
          },
          {
            "name": "openSUSE-SU-2020:1427",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00038.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openSUSE Leap 15.2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.6.2-lp152.1.26",
              "status": "affected",
              "version": "inn",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Tumbleweed",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.6.2-4.2",
              "status": "affected",
              "version": "inn",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.5.4-lp151.3.3.1",
              "status": "affected",
              "version": "inn",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner/Johannes Segitz of SUSE"
        }
      ],
      "datePublic": "2020-07-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276: Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-18T17:06:35",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172573"
        },
        {
          "name": "openSUSE-SU-2020:1271",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00064.html"
        },
        {
          "name": "openSUSE-SU-2020:1272",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00063.html"
        },
        {
          "name": "openSUSE-SU-2020:1304",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00074.html"
        },
        {
          "name": "openSUSE-SU-2020:1427",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00038.html"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1172573",
        "defect": [
          "1172573"
        ],
        "discovery": "INTERNAL"
      },
      "title": "inn: non-root owned files",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-07-24T00:00:00.000Z",
          "ID": "CVE-2020-8026",
          "STATE": "PUBLIC",
          "TITLE": "inn: non-root owned files"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "openSUSE Leap 15.2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "inn",
                            "version_value": "2.6.2-lp152.1.26"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "openSUSE Tumbleweed",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "inn",
                            "version_value": "2.6.2-4.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "openSUSE Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "inn",
                            "version_value": "2.5.4-lp151.3.3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Matthias Gerstner/Johannes Segitz of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-276: Incorrect Default Permissions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1172573",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172573"
            },
            {
              "name": "openSUSE-SU-2020:1271",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00064.html"
            },
            {
              "name": "openSUSE-SU-2020:1272",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00063.html"
            },
            {
              "name": "openSUSE-SU-2020:1304",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00074.html"
            },
            {
              "name": "openSUSE-SU-2020:1427",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00038.html"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1172573",
          "defect": [
            "1172573"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2020-8026",
    "datePublished": "2020-08-07T09:25:13.939809Z",
    "dateReserved": "2020-01-27T00:00:00",
    "dateUpdated": "2024-09-16T16:57:41.593Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2021-25317
Vulnerability from cvelistv5
Published
2021-05-05 09:35
Modified
2024-09-17 00:32
Summary
cups: ownership of /var/log/cups allows the lp user to create files as root
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:03:04.109Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1184161"
          },
          {
            "name": "FEDORA-2021-dc578ce534",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H74BP746O5NNVCBUTLLZYAFBPESFVECV/"
          },
          {
            "name": "FEDORA-2021-7b698513d5",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S37IDQGHTORQ3Z6VRDQIGBYVOI27YG47/"
          },
          {
            "name": "FEDORA-2021-be95e017e7",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWPGZLT3U776Q5YPPSA6LGFWWBDWBVH3/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 11-SP4-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.3.9",
              "status": "affected",
              "version": "cups",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Manager Server 4.0",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.2.7",
              "status": "affected",
              "version": "cups",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud Crowbar 9",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.7.5",
              "status": "affected",
              "version": "cups",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.2.7",
              "status": "affected",
              "version": "cups",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "2.3.3op2-2.1",
              "status": "affected",
              "version": "cups",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2021-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS cups versions prior to 1.3.9. SUSE Manager Server 4.0 cups versions prior to 2.2.7. SUSE OpenStack Cloud Crowbar 9 cups versions prior to 1.7.5. openSUSE Leap 15.2 cups versions prior to 2.2.7. openSUSE Factory cups version 2.3.3op2-2.1 and prior versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276: Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-01-19T00:00:00",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1184161"
        },
        {
          "name": "FEDORA-2021-dc578ce534",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H74BP746O5NNVCBUTLLZYAFBPESFVECV/"
        },
        {
          "name": "FEDORA-2021-7b698513d5",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/S37IDQGHTORQ3Z6VRDQIGBYVOI27YG47/"
        },
        {
          "name": "FEDORA-2021-be95e017e7",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GWPGZLT3U776Q5YPPSA6LGFWWBDWBVH3/"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1184161",
        "defect": [
          "1184161"
        ],
        "discovery": "INTERNAL"
      },
      "title": "cups: ownership of /var/log/cups allows the lp user to create files as root",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2021-25317",
    "datePublished": "2021-05-05T09:35:13.321996Z",
    "dateReserved": "2021-01-19T00:00:00",
    "dateUpdated": "2024-09-17T00:32:16.952Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-8027
Vulnerability from cvelistv5
Published
2021-02-11 16:10
Modified
2024-09-16 17:54
Summary
openldap uses fixed paths in /tmp
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:48:24.820Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175568"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Linux Enterprise Server 15-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.46-9.37.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server for SAP 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.46-9.37.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.4.46-lp151.10.18.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.4.46-lp152.14.9.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Thorsten Kukuk/Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2020-09-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-377",
              "description": "CWE-377: Insecure Temporary File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-11T16:10:14",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175568"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1175568",
        "defect": [
          "1175568"
        ],
        "discovery": "INTERNAL"
      },
      "title": "openldap uses fixed paths in /tmp",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-09-22T00:00:00.000Z",
          "ID": "CVE-2020-8027",
          "STATE": "PUBLIC",
          "TITLE": "openldap uses fixed paths in /tmp"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Linux Enterprise Server 15-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-9.37.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server for SAP 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-9.37.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "openSUSE Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-lp151.10.18.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "openSUSE Leap 15.2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-lp152.14.9.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Thorsten Kukuk/Matthias Gerstner of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Insecure Temporary File vulnerability in openldap2 of SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to overwrite arbitrary files and gain access to the openldap2 configuration This issue affects: SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.37.1. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.37.1. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.18.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.9.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-377: Insecure Temporary File"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1175568",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175568"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1175568",
          "defect": [
            "1175568"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2020-8027",
    "datePublished": "2021-02-11T16:10:14.335132Z",
    "dateReserved": "2020-01-27T00:00:00",
    "dateUpdated": "2024-09-16T17:54:21.630Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-8023
Vulnerability from cvelistv5
Published
2020-09-01 11:25
Modified
2024-09-16 18:33
Summary
Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:48:25.193Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172698"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Enterprise Storage 5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Debuginfo 11-SP3",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.26-0.74.13.1,",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Debuginfo 11-SP4",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.26-0.74.13.1,",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Point of Sale 11-SP3",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.26-0.74.13.1,",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 11-SECURITY",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.26-0.74.13.1",
              "status": "affected",
              "version": "openldap2-client-openssl1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 11-SP4-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.26-0.74.13.1,",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP2-BCL",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP2-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP3-BCL",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP3-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP4",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 15-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.46-9.31.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server for SAP 12-SP2",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server for SAP 12-SP3",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server for SAP 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.46-9.31.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud 7",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud 8",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud Crowbar 8",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.4.46-lp151.10.12.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.4.46-lp152.14.3.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz of SUSE"
        }
      ],
      "datePublic": "2020-07-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 11-SECURITY openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1. SUSE Linux Enterprise Server 11-SP4-LTSS openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 12-SP2-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP2-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP4 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.31.1. SUSE Linux Enterprise Server for SAP 12-SP2 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 12-SP3 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.31.1. SUSE OpenStack Cloud 7 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud 8 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud Crowbar 8 openldap2 versions prior to 2.4.41-18.71.2. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.12.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.3.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-349",
              "description": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-01T11:25:12",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172698"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1172698",
        "defect": [
          "1172698"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-07-06T00:00:00.000Z",
          "ID": "CVE-2020-8023",
          "STATE": "PUBLIC",
          "TITLE": "Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Enterprise Storage 5",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Debuginfo 11-SP3",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.26-0.74.13.1,"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Debuginfo 11-SP4",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.26-0.74.13.1,"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Point of Sale 11-SP3",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.26-0.74.13.1,"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 11-SECURITY",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2-client-openssl1",
                            "version_value": "2.4.26-0.74.13.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 11-SP4-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.26-0.74.13.1,"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP2-BCL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP2-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP3-BCL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP3-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP4",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP5",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 15-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-9.31.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server for SAP 12-SP2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server for SAP 12-SP3",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server for SAP 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-9.31.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE OpenStack Cloud 7",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE OpenStack Cloud 8",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE OpenStack Cloud Crowbar 8",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "openSUSE Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-lp151.10.12.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "openSUSE Leap 15.2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-lp152.14.3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 11-SECURITY openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1. SUSE Linux Enterprise Server 11-SP4-LTSS openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 12-SP2-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP2-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP4 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.31.1. SUSE Linux Enterprise Server for SAP 12-SP2 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 12-SP3 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.31.1. SUSE OpenStack Cloud 7 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud 8 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud Crowbar 8 openldap2 versions prior to 2.4.41-18.71.2. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.12.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.3.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1172698",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172698"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1172698",
          "defect": [
            "1172698"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2020-8023",
    "datePublished": "2020-09-01T11:25:12.674939Z",
    "dateReserved": "2020-01-27T00:00:00",
    "dateUpdated": "2024-09-16T18:33:45.008Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-8024
Vulnerability from cvelistv5
Published
2020-06-29 07:45
Modified
2024-09-17 01:21
Summary
Problematic permissions in hylafax+ packaging allow escalation from uucp to other users
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:48:25.596Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172731"
          },
          {
            "name": "openSUSE-SU-2020:0958",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00022.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "openSUSE Leap 15.2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "7.0.2-lp152.2.1",
              "status": "affected",
              "version": "hylafax+",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThanOrEqual": "5.6.1-lp151.3.7",
              "status": "affected",
              "version": "hylafax+",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Factory",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "7.0.2-2.1",
              "status": "affected",
              "version": "hylafax+",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner"
        }
      ],
      "datePublic": "2020-06-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Incorrect Default Permissions vulnerability in the packaging of hylafax+ of openSUSE Leap 15.2, openSUSE Leap 15.1, openSUSE Factory allows local attackers to escalate from user uucp to users calling hylafax binaries. This issue affects: openSUSE Leap 15.2 hylafax+ versions prior to 7.0.2-lp152.2.1. openSUSE Leap 15.1 hylafax+ version 5.6.1-lp151.3.7 and prior versions. openSUSE Factory hylafax+ versions prior to 7.0.2-2.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276: Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-07-14T11:06:15",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172731"
        },
        {
          "name": "openSUSE-SU-2020:0958",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00022.html"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1172731",
        "defect": [
          "1172731"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Problematic permissions in hylafax+ packaging allow escalation from uucp to other users",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-06-15T00:00:00.000Z",
          "ID": "CVE-2020-8024",
          "STATE": "PUBLIC",
          "TITLE": "Problematic permissions in hylafax+ packaging allow escalation from uucp to other users"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "openSUSE Leap 15.2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "hylafax+",
                            "version_value": "7.0.2-lp152.2.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "openSUSE Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c=",
                            "version_name": "hylafax+",
                            "version_value": "5.6.1-lp151.3.7"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "openSUSE Factory",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "hylafax+",
                            "version_value": "7.0.2-2.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Matthias Gerstner"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Incorrect Default Permissions vulnerability in the packaging of hylafax+ of openSUSE Leap 15.2, openSUSE Leap 15.1, openSUSE Factory allows local attackers to escalate from user uucp to users calling hylafax binaries. This issue affects: openSUSE Leap 15.2 hylafax+ versions prior to 7.0.2-lp152.2.1. openSUSE Leap 15.1 hylafax+ version 5.6.1-lp151.3.7 and prior versions. openSUSE Factory hylafax+ versions prior to 7.0.2-2.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-276: Incorrect Default Permissions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1172731",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172731"
            },
            {
              "name": "openSUSE-SU-2020:0958",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00022.html"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1172731",
          "defect": [
            "1172731"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2020-8024",
    "datePublished": "2020-06-29T07:45:17.539675Z",
    "dateReserved": "2020-01-27T00:00:00",
    "dateUpdated": "2024-09-17T01:21:22.130Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}