CVE-2021-25317

CWE-276 — Incorrect Default Permissions5 documents5 sources

Severity

3.3LOW

EPSS

0.1%

top 72.37%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opensuse Opensuse Leap 15.2 Suse Suse Linux Enterprise Server 11-sp4-ltss Suse Suse Manager Server 4.0 +4 more

Timeline

PublishedMay 5

Latest updateMay 24

Description

A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS cups versions prior to 1.3.9. SUSE Manager Server 4.0 cups versions prior to 2.2.7. SUSE OpenStack C…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages6 packages

▶CVEListV5suse/suse_linux_enterprise_server_11-sp4-ltsscups — 1.3.9

▶NVDsuse/cups< 1.3.9+3

▶CVEListV5suse/suse_manager_server_4.0cups — 2.2.7

▶CVEListV5suse/suse_openstack_cloud_crowbar_9cups — 1.7.5

▶CVEListV5opensuse/opensuse_leap_15.2cups — 2.2.7

Also affects: Fedora 32, 33, 34

🔴Vulnerability Details

GHSA

GHSA-7qpc-9fjw-5c32: A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4↗2022-05-24

▶

CVEList

cups: ownership of /var/log/cups allows the lp user to create files as root↗2021-05-05

▶

📋Vendor Advisories

Red Hat

cups: insecure permissions of /var/log/cups allows for symlink attacks↗2021-04-29

▶

Debian

CVE-2021-25317: cups - A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE L...↗2021

▶