CVE-2021-25321

Description

A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon the next restart of arpwatch. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS arpwatch versions prior to 2.1a15. SUSE Manager Server 4.0 arpwatch versions prior to 2.1a15. SUSE OpenStack Cloud Crowbar 9 arpwatch versions prior to 2.1a15. openSUSE Factory arpwatch version 2.1a15-169.5 and prior versions. openSUSE Leap 15.2 arpwatch version 2.1a15-lp152.5.5 and prior versions.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected products

openSUSE / Factoryarpwatch – 2.1a15-169.5
openSUSE / Leap 15.2arpwatch – 2.1a15-lp152.5.5
SUSE / SUSE Linux Enterprise Server 11-SP4-LTSSarpwatch – 2.1a15
SUSE / SUSE Manager Server 4.0arpwatch – 2.1a15
SUSE / SUSE OpenStack Cloud Crowbar 9arpwatch – 2.1a15

References

MISChttps://bugzilla.suse.com/show_bug.cgi?id=1186240