CVE-2021-25322 - OpenCVE

A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions. openSUSE Factory python-HyperKitty versions prior to 1.3.4-5.1.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Python-hyperkitty Project	Python-hyperkitty
Opensuse	Leap Factory

Configuration 1 [-]

AND

cpe:2.3:a:python-hyperkitty_project:python-hyperkitty:*:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:a:python-hyperkitty_project:python-hyperkitty:*:*:*:*:*:*:*:*

cpe:2.3:a:opensuse:factory:-:*:*:*:*:*:*:*

References

Link	Resource
https://bugzilla.suse.com/show_bug.cgi?id=1182373	Exploit Issue Tracking Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: suse

Published: 2021-05-19T00:00:00

Updated: 2021-06-10T11:45:11

Reserved: 2021-01-19T00:00:00

Link: CVE-2021-25322

JSON object: View

NVD Information

Status : Analyzed

Published: 2021-06-10T12:15:08.523

Modified: 2023-06-22T19:08:54.337

Link: CVE-2021-25322

JSON object: View

Redhat Information

No data.

CWE

{"containers": {"cna": {"affected": [{"product": "Leap 15.2", "vendor": "openSUSE", "versions": [{"lessThanOrEqual": "1.3.2-lp152.2.3.1", "status": "affected", "version": "python-HyperKitty", "versionType": "custom"}]}, {"product": "Factory", "vendor": "openSUSE", "versions": [{"lessThan": "1.3.4-5.1", "status": "affected", "version": "python-HyperKitty", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Matthias Gerstner of SUSE"}], "datePublic": "2021-05-19T00:00:00", "descriptions": [{"lang": "en", "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions. openSUSE Factory python-HyperKitty versions prior to 1.3.4-5.1."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-61", "description": "CWE-61: UNIX Symbolic Link (Symlink) Following", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-06-10T11:45:11", "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182373"}], "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1182373", "defect": ["1182373"], "discovery": "INTERNAL"}, "title": "python-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2021-05-19T00:00:00.000Z", "ID": "CVE-2021-25322", "STATE": "PUBLIC", "TITLE": "python-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Leap 15.2", "version": {"version_data": [{"version_affected": "<=", "version_name": "python-HyperKitty", "version_value": "1.3.2-lp152.2.3.1"}]}}, {"product_name": "Factory", "version": {"version_data": [{"version_affected": "<", "version_name": "python-HyperKitty", "version_value": "1.3.4-5.1"}]}}]}, "vendor_name": "openSUSE"}]}}, "credit": [{"lang": "eng", "value": "Matthias Gerstner of SUSE"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions. openSUSE Factory python-HyperKitty versions prior to 1.3.4-5.1."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-61: UNIX Symbolic Link (Symlink) Following"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.suse.com/show_bug.cgi?id=1182373", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182373"}]}, "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1182373", "defect": ["1182373"], "discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "assignerShortName": "suse", "cveId": "CVE-2021-25322", "datePublished": "2021-05-19T00:00:00", "dateReserved": "2021-01-19T00:00:00", "dateUpdated": "2021-06-10T11:45:11", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:python-hyperkitty_project:python-hyperkitty:*:*:*:*:*:*:*:*", "matchCriteriaId": "E53ACCC7-5C64-4CB8-9680-79214281D008", "versionEndIncluding": "1.3.2-lp152.2.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:python-hyperkitty_project:python-hyperkitty:*:*:*:*:*:*:*:*", "matchCriteriaId": "51CCC2D1-E66D-4CE8-B91A-E711A9AAF78B", "versionEndExcluding": "1.3.4-5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:factory:-:*:*:*:*:*:*:*", "matchCriteriaId": "E29492E1-43D8-43BF-94E3-26A762A66FAA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions. openSUSE Factory python-HyperKitty versions prior to 1.3.4-5.1."}, {"lang": "es", "value": "Una vulnerabilidad de seguimiento de enlaces simb\u00f3licos UNIX (Symlink) en python-HyperKitty de openSUSE Leap 15.2, Factory permite a atacantes locales escalar privilegios del usuario hyperkitty o hyperkitty-admin a root. Este problema afecta a: openSUSE Leap 15.2 python-HyperKitty versi\u00f3n 1.3.2-lp152.2.3.1 y versiones anteriores. openSUSE Factory python-HyperKitty versiones anteriores a 1.3.4-5.1"}], "id": "CVE-2021-25322", "lastModified": "2023-06-22T19:08:54.337", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 4.2, "source": "meissner@suse.de", "type": "Secondary"}]}, "published": "2021-06-10T12:15:08.523", "references": [{"source": "meissner@suse.de", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1182373"}], "sourceIdentifier": "meissner@suse.de", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-61"}], "source": "meissner@suse.de", "type": "Secondary"}]}