Vulnerability CVE-2020-35459


Published: 2021-01-12

Description:
An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call "crm history" (when "crm" is run) were able to execute commands via shell code injection to the crm history commandline, potentially allowing escalation of privileges.

Type:

CWE-269

(Improper Privilege Management)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Clusterlabs -> Crmsh 

 References:
http://www.openwall.com/lists/oss-security/2021/01/12/3
https://bugzilla.suse.com/show_bug.cgi?id=1179999
https://github.com/ClusterLabs/crmsh/blob/a403aa15f3ea575adfe5e43bf2a31c9f9094fcda/crmsh/history.py#L476
https://github.com/ClusterLabs/crmsh/releases
https://www.openwall.com/lists/oss-security/2021/01/12/3

Copyright 2022, cxsecurity.com

 

Back to Top