All the vulnerabilites related to SUSE - SUSE OpenStack Cloud 8
cve-2019-3683
Vulnerability from cvelistv5
Published
2020-01-17 11:10
Modified
2024-09-17 02:53
Summary
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full "member" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations.
References
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T19:19:17.419Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1124864"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Openstack Cloud 8",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "d7888c75505465490250c00cc0ef4bb1af662f9f",
              "status": "affected",
              "version": "keystone-json-assignment",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Kurt Garloff by SUSE"
        }
      ],
      "datePublic": "2019-02-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full \"member\" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-732",
              "description": "CWE-732: Incorrect Permission Assignment for Critical Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-17T11:10:12",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1124864"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1124864",
        "defect": [
          "1124864"
        ],
        "discovery": "INTERNAL"
      },
      "title": "keystone_json_assignment backend granted access to any project for users in user-project-map.json",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2019-02-18T00:00:00.000Z",
          "ID": "CVE-2019-3683",
          "STATE": "PUBLIC",
          "TITLE": "keystone_json_assignment backend granted access to any project for users in user-project-map.json"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Openstack Cloud 8",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "keystone-json-assignment",
                            "version_value": "d7888c75505465490250c00cc0ef4bb1af662f9f"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Kurt Garloff by SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full \"member\" role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-732: Incorrect Permission Assignment for Critical Resource"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1124864",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1124864"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1124864",
          "defect": [
            "1124864"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2019-3683",
    "datePublished": "2020-01-17T11:10:12.100176Z",
    "dateReserved": "2019-01-03T00:00:00",
    "dateUpdated": "2024-09-17T02:53:23.354Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-8023
Vulnerability from cvelistv5
Published
2020-09-01 11:25
Modified
2024-09-16 18:33
Summary
A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 11-SECURITY openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1. SUSE Linux Enterprise Server 11-SP4-LTSS openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 12-SP2-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP2-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP4 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.31.1. SUSE Linux Enterprise Server for SAP 12-SP2 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 12-SP3 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.31.1. SUSE OpenStack Cloud 7 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud 8 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud Crowbar 8 openldap2 versions prior to 2.4.41-18.71.2. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.12.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.3.1.
References
Impacted products
Vendor Product Version
SUSE SUSE Linux Enterprise Debuginfo 11-SP3 Version: openldap2   < 2.4.26-0.74.13.1,
SUSE SUSE Linux Enterprise Debuginfo 11-SP4 Version: openldap2   < 2.4.26-0.74.13.1,
SUSE SUSE Linux Enterprise Point of Sale 11-SP3 Version: openldap2   < 2.4.26-0.74.13.1,
SUSE SUSE Linux Enterprise Server 11-SECURITY Version: openldap2-client-openssl1   < 2.4.26-0.74.13.1
SUSE SUSE Linux Enterprise Server 11-SP4-LTSS Version: openldap2   < 2.4.26-0.74.13.1,
SUSE SUSE Linux Enterprise Server 12-SP2-BCL Version: openldap2   < 2.4.41-18.71.2
SUSE SUSE Linux Enterprise Server 12-SP2-LTSS Version: openldap2   < 2.4.41-18.71.2
SUSE SUSE Linux Enterprise Server 12-SP3-BCL Version: openldap2   < 2.4.41-18.71.2
SUSE SUSE Linux Enterprise Server 12-SP3-LTSS Version: openldap2   < 2.4.41-18.71.2
SUSE SUSE Linux Enterprise Server 12-SP4 Version: openldap2   < 2.4.41-18.71.2
SUSE SUSE Linux Enterprise Server 12-SP5 Version: openldap2   < 2.4.41-18.71.2
SUSE SUSE Linux Enterprise Server 15-LTSS Version: openldap2   < 2.4.46-9.31.1
SUSE SUSE Linux Enterprise Server for SAP 12-SP2 Version: openldap2   < 2.4.41-18.71.2
SUSE SUSE Linux Enterprise Server for SAP 12-SP3 Version: openldap2   < 2.4.41-18.71.2
SUSE SUSE Linux Enterprise Server for SAP 15 Version: openldap2   < 2.4.46-9.31.1
SUSE SUSE OpenStack Cloud 7 Version: openldap2   < 2.4.41-18.71.2
SUSE SUSE OpenStack Cloud 8 Version: openldap2   < 2.4.41-18.71.2
SUSE SUSE OpenStack Cloud Crowbar 8 Version: openldap2   < 2.4.41-18.71.2
openSUSE openSUSE Leap 15.1 Version: openldap2   < 2.4.46-lp151.10.12.1
openSUSE openSUSE Leap 15.2 Version: openldap2   < 2.4.46-lp152.14.3.1
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:48:25.193Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172698"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Enterprise Storage 5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Debuginfo 11-SP3",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.26-0.74.13.1,",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Debuginfo 11-SP4",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.26-0.74.13.1,",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Point of Sale 11-SP3",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.26-0.74.13.1,",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 11-SECURITY",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.26-0.74.13.1",
              "status": "affected",
              "version": "openldap2-client-openssl1",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 11-SP4-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.26-0.74.13.1,",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP2-BCL",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP2-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP3-BCL",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP3-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP4",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 15-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.46-9.31.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server for SAP 12-SP2",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server for SAP 12-SP3",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server for SAP 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.46-9.31.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud 7",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud 8",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud Crowbar 8",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "2.4.41-18.71.2",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.1",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.4.46-lp151.10.12.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "openSUSE Leap 15.2",
          "vendor": "openSUSE",
          "versions": [
            {
              "lessThan": "2.4.46-lp152.14.3.1",
              "status": "affected",
              "version": "openldap2",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Johannes Segitz of SUSE"
        }
      ],
      "datePublic": "2020-07-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 11-SECURITY openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1. SUSE Linux Enterprise Server 11-SP4-LTSS openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 12-SP2-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP2-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP4 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.31.1. SUSE Linux Enterprise Server for SAP 12-SP2 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 12-SP3 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.31.1. SUSE OpenStack Cloud 7 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud 8 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud Crowbar 8 openldap2 versions prior to 2.4.41-18.71.2. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.12.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.3.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-349",
              "description": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-09-01T11:25:12",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172698"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1172698",
        "defect": [
          "1172698"
        ],
        "discovery": "INTERNAL"
      },
      "title": "Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-07-06T00:00:00.000Z",
          "ID": "CVE-2020-8023",
          "STATE": "PUBLIC",
          "TITLE": "Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Enterprise Storage 5",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Debuginfo 11-SP3",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.26-0.74.13.1,"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Debuginfo 11-SP4",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.26-0.74.13.1,"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Point of Sale 11-SP3",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.26-0.74.13.1,"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 11-SECURITY",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2-client-openssl1",
                            "version_value": "2.4.26-0.74.13.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 11-SP4-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.26-0.74.13.1,"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP2-BCL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP2-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP3-BCL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP3-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP4",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP5",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 15-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-9.31.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server for SAP 12-SP2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server for SAP 12-SP3",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server for SAP 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-9.31.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE OpenStack Cloud 7",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE OpenStack Cloud 8",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE OpenStack Cloud Crowbar 8",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.41-18.71.2"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              },
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "openSUSE Leap 15.1",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-lp151.10.12.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "openSUSE Leap 15.2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "openldap2",
                            "version_value": "2.4.46-lp152.14.3.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "openSUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Johannes Segitz of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 11-SECURITY openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1. SUSE Linux Enterprise Server 11-SP4-LTSS openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 12-SP2-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP2-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP4 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.31.1. SUSE Linux Enterprise Server for SAP 12-SP2 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 12-SP3 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.31.1. SUSE OpenStack Cloud 7 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud 8 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud Crowbar 8 openldap2 versions prior to 2.4.41-18.71.2. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.12.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.3.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1172698",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172698"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1172698",
          "defect": [
            "1172698"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2020-8023",
    "datePublished": "2020-09-01T11:25:12.674939Z",
    "dateReserved": "2020-01-27T00:00:00",
    "dateUpdated": "2024-09-16T18:33:45.008Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2020-8022
Vulnerability from cvelistv5
Published
2020-06-29 08:20
Modified
2024-09-17 00:16
Summary
A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1.
Impacted products
Vendor Product Version
SUSE SUSE Linux Enterprise Server 12-SP2-BCL Version: tomcat   < 8.0.53-29.32.1
SUSE SUSE Linux Enterprise Server 12-SP2-LTSS Version: tomcat   < 8.0.53-29.32.1
SUSE SUSE Linux Enterprise Server 12-SP3-BCL Version: tomcat   < 8.0.53-29.32.1
SUSE SUSE Linux Enterprise Server 12-SP3-LTSS Version: tomcat   < 8.0.53-29.32.1
SUSE SUSE Linux Enterprise Server 12-SP4 Version: tomcat   < 9.0.35-3.39.1
SUSE SUSE Linux Enterprise Server 12-SP5 Version: tomcat   < 9.0.35-3.39.1
SUSE SUSE Linux Enterprise Server 15-LTSS Version: tomcat   < 9.0.35-3.57.3
SUSE SUSE Linux Enterprise Server for SAP 12-SP2 Version: tomcat   < 8.0.53-29.32.1
SUSE SUSE Linux Enterprise Server for SAP 12-SP3 Version: tomcat   < 8.0.53-29.32.1
SUSE SUSE Linux Enterprise Server for SAP 15 Version: tomcat   < 9.0.35-3.57.3
SUSE SUSE OpenStack Cloud 7 Version: tomcat   < 8.0.53-29.32.1
SUSE SUSE OpenStack Cloud 8 Version: tomcat   < 8.0.53-29.32.1
SUSE SUSE OpenStack Cloud Crowbar 8 Version: tomcat   < 8.0.53-29.32.1
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T09:48:25.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172405"
          },
          {
            "name": "openSUSE-SU-2020:0911",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00066.html"
          },
          {
            "name": "[tomcat-users] 20200902 Re: regarding CVE-2020-8022 applicable to tomcat 8.5.57",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/rf50d02409e5732c4ee37f19a193af171251a25a652599ce3c2bc69e7%40%3Cusers.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-users] 20200902 regarding CVE-2020-8022 applicable to tomcat 8.5.57",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/ra87ec20a0f4b226c81c7eed27e5d7433ccdc41e61a8da408a45f0fa1%40%3Cusers.tomcat.apache.org%3E"
          },
          {
            "name": "[axis-java-dev] 20210228 axis2 1.7.9 is exposed to CVE-2020-8022 via tomcat dependency",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r5be80ba868a11a1f64e4922399f171b8619bca4bc2039f79cf913928%40%3Cjava-dev.axis.apache.org%3E"
          },
          {
            "name": "[axis-java-dev] 20210307 Re: axis2 1.7.9 is exposed to CVE-2020-8022 via tomcat dependency",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r393d4f431683e99c839b4aed68f720b8583bca6c35cd84adccaa02be%40%3Cjava-dev.axis.apache.org%3E"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE Enterprise Storage 5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.0.53-29.32.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP2-BCL",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.0.53-29.32.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP2-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.0.53-29.32.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP3-BCL",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.0.53-29.32.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP3-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.0.53-29.32.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP4",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "9.0.35-3.39.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 12-SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "9.0.35-3.39.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server 15-LTSS",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "9.0.35-3.57.3",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server for SAP 12-SP2",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.0.53-29.32.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server for SAP 12-SP3",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.0.53-29.32.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE Linux Enterprise Server for SAP 15",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "9.0.35-3.57.3",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud 7",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.0.53-29.32.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud 8",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.0.53-29.32.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud Crowbar 8",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.0.53-29.32.1",
              "status": "affected",
              "version": "tomcat",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Matthias Gerstner of SUSE"
        }
      ],
      "datePublic": "2020-06-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "CWE-276: Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-03-07T14:06:28",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172405"
        },
        {
          "name": "openSUSE-SU-2020:0911",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00066.html"
        },
        {
          "name": "[tomcat-users] 20200902 Re: regarding CVE-2020-8022 applicable to tomcat 8.5.57",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/rf50d02409e5732c4ee37f19a193af171251a25a652599ce3c2bc69e7%40%3Cusers.tomcat.apache.org%3E"
        },
        {
          "name": "[tomcat-users] 20200902 regarding CVE-2020-8022 applicable to tomcat 8.5.57",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/ra87ec20a0f4b226c81c7eed27e5d7433ccdc41e61a8da408a45f0fa1%40%3Cusers.tomcat.apache.org%3E"
        },
        {
          "name": "[axis-java-dev] 20210228 axis2 1.7.9 is exposed to CVE-2020-8022 via tomcat dependency",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r5be80ba868a11a1f64e4922399f171b8619bca4bc2039f79cf913928%40%3Cjava-dev.axis.apache.org%3E"
        },
        {
          "name": "[axis-java-dev] 20210307 Re: axis2 1.7.9 is exposed to CVE-2020-8022 via tomcat dependency",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r393d4f431683e99c839b4aed68f720b8583bca6c35cd84adccaa02be%40%3Cjava-dev.axis.apache.org%3E"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1172405",
        "defect": [
          "1172405"
        ],
        "discovery": "INTERNAL"
      },
      "title": "User-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of priviliges",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@suse.com",
          "DATE_PUBLIC": "2020-06-26T00:00:00.000Z",
          "ID": "CVE-2020-8022",
          "STATE": "PUBLIC",
          "TITLE": "User-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of priviliges"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SUSE Enterprise Storage 5",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "8.0.53-29.32.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP2-BCL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "8.0.53-29.32.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP2-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "8.0.53-29.32.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP3-BCL",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "8.0.53-29.32.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP3-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "8.0.53-29.32.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP4",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "9.0.35-3.39.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 12-SP5",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "9.0.35-3.39.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server 15-LTSS",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "9.0.35-3.57.3"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server for SAP 12-SP2",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "8.0.53-29.32.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server for SAP 12-SP3",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "8.0.53-29.32.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE Linux Enterprise Server for SAP 15",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "9.0.35-3.57.3"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE OpenStack Cloud 7",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "8.0.53-29.32.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE OpenStack Cloud 8",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "8.0.53-29.32.1"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SUSE OpenStack Cloud Crowbar 8",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "tomcat",
                            "version_value": "8.0.53-29.32.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SUSE"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "Matthias Gerstner of SUSE"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-276: Incorrect Default Permissions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.suse.com/show_bug.cgi?id=1172405",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1172405"
            },
            {
              "name": "openSUSE-SU-2020:0911",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00066.html"
            },
            {
              "name": "[tomcat-users] 20200902 Re: regarding CVE-2020-8022 applicable to tomcat 8.5.57",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/rf50d02409e5732c4ee37f19a193af171251a25a652599ce3c2bc69e7@%3Cusers.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-users] 20200902 regarding CVE-2020-8022 applicable to tomcat 8.5.57",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/ra87ec20a0f4b226c81c7eed27e5d7433ccdc41e61a8da408a45f0fa1@%3Cusers.tomcat.apache.org%3E"
            },
            {
              "name": "[axis-java-dev] 20210228 axis2 1.7.9 is exposed to CVE-2020-8022 via tomcat dependency",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r5be80ba868a11a1f64e4922399f171b8619bca4bc2039f79cf913928@%3Cjava-dev.axis.apache.org%3E"
            },
            {
              "name": "[axis-java-dev] 20210307 Re: axis2 1.7.9 is exposed to CVE-2020-8022 via tomcat dependency",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r393d4f431683e99c839b4aed68f720b8583bca6c35cd84adccaa02be@%3Cjava-dev.axis.apache.org%3E"
            }
          ]
        },
        "source": {
          "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1172405",
          "defect": [
            "1172405"
          ],
          "discovery": "INTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2020-8022",
    "datePublished": "2020-06-29T08:20:12.619393Z",
    "dateReserved": "2020-01-27T00:00:00",
    "dateUpdated": "2024-09-17T00:16:49.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2018-17954
Vulnerability from cvelistv5
Published
2020-04-03 07:05
Modified
2024-09-16 20:02
Severity ?
Summary
An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. This issue affects: SUSE OpenStack Cloud 7 crowbar-core versions prior to 4.0+git.1578392992.fabfd186c-9.63.1, crowbar-. SUSE OpenStack Cloud 8 ardana-cinder versions prior to 8.0+git.1579279939.ee7da88-3.39.3, ardana-. SUSE OpenStack Cloud 9 ardana-ansible versions prior to 9.0+git.1581611758.f694f7d-3.16.1, ardana-. SUSE OpenStack Cloud Crowbar 8 crowbar-core versions prior to 5.0+git.1582968668.1a55c77c5-3.35.4, crowbar-. SUSE OpenStack Cloud Crowbar 9 crowbar-core versions prior to 6.0+git.1582892022.cbd70e833-3.19.3, crowbar-.
Impacted products
Vendor Product Version
SUSE SUSE OpenStack Cloud 8 Version: ardana-cinder   < 8.0+git.1579279939.ee7da88-3.39.3, ardana-
SUSE SUSE OpenStack Cloud 9 Version: ardana-ansible   < 9.0+git.1581611758.f694f7d-3.16.1, ardana-
SUSE SUSE OpenStack Cloud Crowbar 8 Version: crowbar-core   < 5.0+git.1582968668.1a55c77c5-3.35.4, crowbar-
SUSE SUSE OpenStack Cloud Crowbar 9 Version: crowbar-core   < 6.0+git.1582892022.cbd70e833-3.19.3, crowbar-
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:01:14.743Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1117080"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SUSE OpenStack Cloud 7",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "4.0+git.1578392992.fabfd186c-9.63.1, crowbar-",
              "status": "affected",
              "version": "crowbar-core",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud 8",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "8.0+git.1579279939.ee7da88-3.39.3, ardana-",
              "status": "affected",
              "version": "ardana-cinder",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud 9",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "9.0+git.1581611758.f694f7d-3.16.1, ardana-",
              "status": "affected",
              "version": "ardana-ansible",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud Crowbar 8",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "5.0+git.1582968668.1a55c77c5-3.35.4, crowbar-",
              "status": "affected",
              "version": "crowbar-core",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "SUSE OpenStack Cloud Crowbar 9",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "6.0+git.1582892022.cbd70e833-3.19.3, crowbar-",
              "status": "affected",
              "version": "crowbar-core",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Dirk Mueller of SUSE"
        }
      ],
      "datePublic": "2020-04-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. This issue affects: SUSE OpenStack Cloud 7 crowbar-core versions prior to 4.0+git.1578392992.fabfd186c-9.63.1, crowbar-. SUSE OpenStack Cloud 8 ardana-cinder versions prior to 8.0+git.1579279939.ee7da88-3.39.3, ardana-. SUSE OpenStack Cloud 9 ardana-ansible versions prior to 9.0+git.1581611758.f694f7d-3.16.1, ardana-. SUSE OpenStack Cloud Crowbar 8 crowbar-core versions prior to 5.0+git.1582968668.1a55c77c5-3.35.4, crowbar-. SUSE OpenStack Cloud Crowbar 9 crowbar-core versions prior to 6.0+git.1582892022.cbd70e833-3.19.3, crowbar-."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "CWE-269: Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-10-13T00:00:00",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "microfocus"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1117080"
        }
      ],
      "source": {
        "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1117080",
        "defect": [
          "1117080"
        ],
        "discovery": "INTERNAL"
      },
      "title": "crowbar provision leaks admin password to all nodes in cleartext",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "microfocus",
    "cveId": "CVE-2018-17954",
    "datePublished": "2020-04-03T07:05:13.265182Z",
    "dateReserved": "2018-10-03T00:00:00",
    "dateUpdated": "2024-09-16T20:02:21.821Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}