CVE-2022-21944Link Following in Factory

CWE-59Link FollowingCWE-61UNIX Symbolic Link (Symlink) Following3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 70.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Opensuse FactoryOpensuse Backports Sle-15-sp3Opensuse Factory Watchman
Timeline
PublishedJan 26
Latest updateJan 27

Description

A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local attackers to escalate to root. This issue affects: openSUSE Backports SLE-15-SP3 watchman versions prior to 4.9.0. openSUSE Factory watchman versions prior to 4.9.0-9.1.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

CVEListV5opensuse/factorywatchman4.9.0-9.1
CVEListV5opensuse/opensuse_backports_sle-15-sp3watchman4.9.0

🔴Vulnerability Details

2
GHSA
GHSA-rg42-3854-x575: A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman of openSUSE Backports SLE-15-SP3, Factory allows local2022-01-27
CVEList
watchman: chown in [email protected] unit allows symlink attack2022-01-26
CVE-2022-21944 — Link Following in Opensuse Factory | cvebase