- Description: A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9, openSUSE Factory and openSUSE Leap 15.2 allows local attackers with control of the runtime user that arpwatch runs as to escalate to root upon the next restart of arpwatch. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS arpwatch versions prior to 2.1a15; SUSE Manager Server 4.0 arpwatch versions prior to 2.1a15; SUSE OpenStack Cloud Crowbar 9 arpwatch versions prior to 2.1a15; openSUSE Factory arpwatch version 2.1a15-169.5 and prior versions; openSUSE Leap 15.2 arpwatch version 2.1a15-lp152.5.5 and prior versions.
- Source: meissner@suse.de
- NVD status: Analyzed
CVSS 3.1
- Type: Primary
- Base score: 7.8
- Impact score: 5.9
- Exploitability score: 1.8
- Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
CVSS 2.0
- Type: Primary
- Base score: 7.2
- Impact score: 10
- Exploitability score: 3.9
- Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

- nvd@nist.gov: NVD-CWE-Other
- meissner@suse.de: CWE-61
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:suse:manager_server:4.0:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "51136B38-5715-49B3-BD8D-91F90632247D"
          },
          {
            "criteria": "cpe:2.3:a:suse:openstack_cloud_crowbar:9.0:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B631400C-0A5A-45A3-9DFA-B419E83D324E"
          },
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:ltss:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7B84C8D3-0B59-40DC-881D-D016A422E8CC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:suse:arpwatch:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6838A554-093A-4125-BB0A-63BBA1017976",
            "versionEndExcluding": "2.1a15"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:opensuse:factory:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E29492E1-43D8-43BF-94E3-26A762A66FAA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:suse:arpwatch:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "928A6B2B-B06B-4E75-8A65-C30A83B26B80",
            "versionEndIncluding": "2.1a15-169.5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:suse:arpwatch:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0862012-0FB3-4216-A47B-AFDCA202DE08",
            "versionEndIncluding": "2.1a15-lp152.5.5"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]