CVE-2021-25321

CWE-61CWE-59CWE-732Incorrect Permission Assignment6 documents6 sources
Severity
7.8HIGH
EPSS
0.0%
top 91.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Suse Suse Linux Enterprise Server 11-sp4-ltssSuse Suse Manager Server 4.0Suse Suse Openstack Cloud Crowbar 9+3 more
Timeline
PublishedJun 30
Latest updateMay 24

Description

A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon the next restart of arpwatch. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS arpwatch versions prior to 2.1a15. SUSE Manager Server 4.0 arpwatch versions prior to 2.1a15. SUSE OpenStack Clo

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages6 packages

CVEListV5suse/suse_linux_enterprise_server_11-sp4-ltssarpwatch2.1a15
NVDsuse/arpwatch< 2.1a15+2
CVEListV5suse/suse_manager_server_4.0arpwatch2.1a15
CVEListV5suse/suse_openstack_cloud_crowbar_9arpwatch2.1a15
CVEListV5opensuse/factoryarpwatch2.1a15-169.5

🔴Vulnerability Details

3
GHSA
GHSA-p5jf-rf9m-p26h: A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 42022-05-24
CVEList
arpwatch: Local privilege escalation from runtime user to root2021-06-30
OSV
CVE-2021-25321: A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 42021-06-30

📋Vendor Advisories

2
Red Hat
arpwatch: Local privilege escalation from runtime user to root2021-06-28
Debian
CVE-2021-25321: arpwatch - A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux...2021
CVE-2021-25321 (HIGH CVSS 7.8) | A UNIX Symbolic Link (Symlink) Foll | cvebase.io