CVE-2021-32000
published 2021-07-28CVE-2021-32000: A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3…
high7.1CVSS 3.1
AVLACLPRLUINSUCNIHAH
A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux Enterprise Server 12 SP3 clone-master-clean-up version 1.6-4.6.1 and prior versions. SUSE Linux Enterprise Server 15 SP1 clone-master-clean-up version 1.6-3.9.1 and prior versions. openSUSE Factory clone-master-clean-up version 1.6-1.4 and prior versions.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opensuse | factory | clone-master-clean-up – 1.6-1.4 | — |
| suse | linux_enterprise_server | — | — |
| suse | linux_enterprise_server | — | — |
| suse | suse_linux_enterprise_server_12_sp3 | clone-master-clean-up – 1.6-4.6.1 | — |
| suse | suse_linux_enterprise_server_15_sp1 | clone-master-clean-up – 1.6-3.9.1 | — |
| ws_project | ws | >= 5.0.0 < 5.2.3 | 5.2.3 |
| ws_project | ws | >= 6.0.0 < 6.2.2 | 6.2.2 |
| ws_project | ws | >= 7.0.0 < 7.4.6 | 7.4.6 |