CVE-2021-25314
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A Creation of Temporary File With Insecure Permissions vulnerability in hawk2 of SUSE Linux Enterprise High Availability 12-SP3, SUSE Linux Enterprise High Availability 12-SP5, SUSE Linux Enterprise High Availability 15-SP2 allows local attackers to escalate to root. This issue affects: SUSE Linux Enterprise High Availability 12-SP3 hawk2 versions prior to 2.6.3+git.1614685906.812c31e9. SUSE Linux Enterprise High Availability 12-SP5 hawk2 versions prior to 2.6.3+git.1614685906.812c31e9. SUSE Linux Enterprise High Availability 15-SP2 hawk2 versions prior to 2.6.3+git.1614684118.af555ad9.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SUSE | SUSE Linux Enterprise High Availability 12-SP3 | hawk2 < 2.6.3+git.1614685906.812c31e9 | affected |
| SUSE | SUSE Linux Enterprise High Availability 12-SP5 | hawk2 < 2.6.3+git.1614685906.812c31e9 | affected |
| SUSE | SUSE Linux Enterprise High Availability 15-SP2 | hawk2 < 2.6.3+git.1614684118.af555ad9 | affected |
Weaknesses
- CWE-378: CWE-378: Creation of Temporary File With Insecure Permissions
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.