CVE-2021-31998 - OpenCVE

A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Opensuse	Backports Sle Inn Leap
Suse	Linux Enterprise Server

Configuration 1 [-]

AND

cpe:2.3:a:opensuse:inn:*:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*

Configuration 2 [-]

AND

cpe:2.3:a:opensuse:inn:*:*:*:*:*:*:*:*

OR	cpe:2.3:a:opensuse:backports_sle:15.0:sp2::::::
	cpe:2.3:o:opensuse:leap:15.2:::::::*

No data.

References

Link	Providers
https://bugzilla.suse.com/show_bug.cgi?id=1182321

History

No history.

MITRE

Status: PUBLISHED

Assigner: suse

Published: 2021-06-10T11:25:11.178555Z

Updated: 2024-09-16T22:40:51.163Z

Reserved: 2021-05-03T00:00:00

Link: CVE-2021-31998

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-06-10T12:15:08.920

Modified: 2021-06-24T13:27:52.773

Link: CVE-2021-31998

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "SUSE Linux Enterprise Server 11-SP3", "vendor": "SUSE", "versions": [{"lessThanOrEqual": "inn-2.4.2-170.21.3.1", "status": "affected", "version": "inn", "versionType": "custom"}]}, {"product": "openSUSE Backports SLE-15-SP2", "vendor": "openSUSE", "versions": [{"lessThan": "2.6.2", "status": "affected", "version": "inn", "versionType": "custom"}]}, {"product": "openSUSE Leap 15.2", "vendor": "openSUSE", "versions": [{"lessThan": "2.6.2", "status": "affected", "version": "inn", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Johannes Segitz of SUSE"}], "datePublic": "2021-05-25T00:00:00", "descriptions": [{"lang": "en", "value": "A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-276", "description": "CWE-276: Incorrect Default Permissions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-06-10T11:25:11", "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182321"}], "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1182321", "defect": ["1182321"], "discovery": "INTERNAL"}, "title": "inn: %post calls user owned file allowing local privilege escalation to root", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2021-05-25T00:00:00.000Z", "ID": "CVE-2021-31998", "STATE": "PUBLIC", "TITLE": "inn: %post calls user owned file allowing local privilege escalation to root"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SUSE Linux Enterprise Server 11-SP3", "version": {"version_data": [{"version_affected": "<=", "version_name": "inn", "version_value": "inn-2.4.2-170.21.3.1"}]}}]}, "vendor_name": "SUSE"}, {"product": {"product_data": [{"product_name": "openSUSE Backports SLE-15-SP2", "version": {"version_data": [{"version_affected": "<", "version_name": "inn", "version_value": "2.6.2"}]}}, {"product_name": "openSUSE Leap 15.2", "version": {"version_data": [{"version_affected": "<", "version_name": "inn", "version_value": "2.6.2"}]}}]}, "vendor_name": "openSUSE"}]}}, "credit": [{"lang": "eng", "value": "Johannes Segitz of SUSE"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-276: Incorrect Default Permissions"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.suse.com/show_bug.cgi?id=1182321", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182321"}]}, "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1182321", "defect": ["1182321"], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:10:31.424Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182321"}]}]}, "cveMetadata": {"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "assignerShortName": "suse", "cveId": "CVE-2021-31998", "datePublished": "2021-06-10T11:25:11.178555Z", "dateReserved": "2021-05-03T00:00:00", "dateUpdated": "2024-09-16T22:40:51.163Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:inn:*:*:*:*:*:*:*:*", "matchCriteriaId": "6DC56D89-5FE7-481B-905C-09FFA782FABE", "versionEndIncluding": "2.4.2-170.21.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:inn:*:*:*:*:*:*:*:*", "matchCriteriaId": "9C3649D1-3F62-48BA-8411-D9D0AA21B6A8", "versionEndExcluding": "2.6.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp2:*:*:*:*:*:*", "matchCriteriaId": "67E82302-4B77-44F3-97B1-24C18AC4A35D", "vulnerable": false}, {"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2."}, {"lang": "es", "value": "Una vulnerabilidad de Permisos por Defecto Incorrectos en el empaquetado de inn de SUSE Linux Enterprise Server versi\u00f3n11-SP3; openSUSE Backports versi\u00f3n SLE-15-SP2, openSUSE Leap versi\u00f3n 15.2 permite a atacantes locales escalar sus privilegios del usuario de noticias a root. Este problema afecta a: SUSE Linux Enterprise Server versi\u00f3n 11-SP3 versi\u00f3n inn-2.4.2-170.21.3.1 y versiones anteriores. openSUSE Backports SLE-15-SP2 versiones inn anteriores a 2.6.2. openSUSE Leap 15.2 versiones inn anteriores a 2.6.2"}], "id": "CVE-2021-31998", "lastModified": "2021-06-24T13:27:52.773", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 4.2, "source": "meissner@suse.de", "type": "Secondary"}]}, "published": "2021-06-10T12:15:08.920", "references": [{"source": "meissner@suse.de", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182321"}], "sourceIdentifier": "meissner@suse.de", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "meissner@suse.de", "type": "Primary"}]}