CVE-2021-32000

Published: Jul 28, 2021

Modified: Sep 16, 2024

PUBLISHED

CVSS v3.1

3.2

LOW

Description

A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux Enterprise Server 12 SP3 clone-master-clean-up version 1.6-4.6.1 and prior versions. SUSE Linux Enterprise Server 15 SP1 clone-master-clean-up version 1.6-3.9.1 and prior versions. openSUSE Factory clone-master-clean-up version 1.6-1.4 and prior versions.

Vendor	Product	Versions
SUSE	SUSE Linux Enterprise Server 12 SP3	affected `clone-master-clean-up - <= 1.6-4.6.1`
SUSE	SUSE Linux Enterprise Server 15 SP1	affected `clone-master-clean-up - <= 1.6-3.9.1`
openSUSE	Factory	affected `clone-master-clean-up - <= 1.6-1.4`

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

Attack Vector

Physical

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

Low

References

https://bugzilla.suse.com/show_bug.cgi?id=1181050

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-32000

Description

Affected Products

CVSS v3.1 Details

References