CVE-2021-3020 - OpenCVE

An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to limit this to safe combinations). This user is able to execute an interactive "shell" that isn't limited to the commands specified in hawk_invoke, allowing escalation to root.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Clusterlabs	Hawk

Configuration 1 [-]

cpe:2.3:a:clusterlabs:hawk:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://bugzilla.suse.com/show_bug.cgi?id=1180571
https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82
https://github.com/ClusterLabs/hawk/releases

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-08-25T23:32:32

Updated: 2024-08-03T16:45:50.792Z

Reserved: 2021-01-05T00:00:00

Link: CVE-2021-3020

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-08-26T00:15:08.773

Modified: 2023-08-08T14:22:24.967

Link: CVE-2021-3020

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to limit this to safe combinations). This user is able to execute an interactive \"shell\" that isn't limited to the commands specified in hawk_invoke, allowing escalation to root."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-25T23:32:32", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/ClusterLabs/hawk/releases"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1180571"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2021-3020", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to limit this to safe combinations). This user is able to execute an interactive \"shell\" that isn't limited to the commands specified in hawk_invoke, allowing escalation to root."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/ClusterLabs/hawk/releases", "refsource": "MISC", "url": "https://github.com/ClusterLabs/hawk/releases"}, {"name": "https://bugzilla.suse.com/show_bug.cgi?id=1180571", "refsource": "MISC", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1180571"}, {"name": "https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82", "refsource": "MISC", "url": "https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T16:45:50.792Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/ClusterLabs/hawk/releases"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1180571"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-3020", "datePublished": "2022-08-25T23:32:32", "dateReserved": "2021-01-05T00:00:00", "dateUpdated": "2024-08-03T16:45:50.792Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:clusterlabs:hawk:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB239D06-C0CE-4BAB-9974-D872E9D3E167", "versionEndIncluding": "2.3.0-15", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to limit this to safe combinations). This user is able to execute an interactive \"shell\" that isn't limited to the commands specified in hawk_invoke, allowing escalation to root."}, {"lang": "es", "value": "Se ha detectado un problema en ClusterLabs Hawk (tambi\u00e9n se conoce como HA Web Konsole) hasta la versi\u00f3n 2.3.0-15. Es enviado el binario hawk_invoke (construido a partir de tools/hawk_invoke.c), destinado a ser usado como un programa setuid. Esto permite al usuario hacluster invocar determinados comandos como root (con un intento de limitar esto a combinaciones seguras). Este usuario es capaz de ejecutar un \"shell\" interactivo que no est\u00e1 limitado a los comandos especificados en hawk_invoke, permitiendo una escalada a root."}], "id": "CVE-2021-3020", "lastModified": "2023-08-08T14:22:24.967", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-26T00:15:08.773", "references": [{"source": "cve@mitre.org", "tags": ["Permissions Required"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1180571"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/ClusterLabs/hawk/releases"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "nvd@nist.gov", "type": "Primary"}]}