Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for openSUSE Leap 15.4 by openSUSE

    CVE-2022-45153 (GCVE-0-2022-45153)

    Vulnerability from nvd – Published: 2023-02-15 00:00 – Updated: 2025-03-18 19:25
    VLAI
    Title
    saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls
    Summary
    An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    SUSE SUSE Linux Enterprise Module for SAP Applications 15-SP1 Affected: saphanabootstrap-formula , < 0.13.1+git.1667812208.4db963e (custom)
    Create a notification for this product.
    SUSE SUSE Linux Enterprise Server for SAP 12-SP5 Affected: saphanabootstrap-formula , < 0.13.1+git.1667812208.4db963e (custom)
    Create a notification for this product.
    openSUSE openSUSE Leap 15.4 Affected: saphanabootstrap-formula , < 0.13.1+git.1667812208.4db963e (custom)
    Create a notification for this product.
    Date Public
    2023-01-02 00:00
    Credits
    Johannes Segitz of SUSE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T14:09:55.968Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=1205990"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-45153",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-18T19:24:52.978311Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-18T19:25:05.374Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SUSE Linux Enterprise Module for SAP Applications 15-SP1",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "0.13.1+git.1667812208.4db963e",
                  "status": "affected",
                  "version": "saphanabootstrap-formula",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "SUSE Linux Enterprise Server for SAP 12-SP5",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "0.13.1+git.1667812208.4db963e",
                  "status": "affected",
                  "version": "saphanabootstrap-formula",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.4",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "0.13.1+git.1667812208.4db963e",
                  "status": "affected",
                  "version": "saphanabootstrap-formula",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Johannes Segitz of SUSE"
            }
          ],
          "datePublic": "2023-01-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276: Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-15T00:00:00.000Z",
            "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
            "shortName": "suse"
          },
          "references": [
            {
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1205990"
            }
          ],
          "source": {
            "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1205990",
            "defect": [
              "1205990"
            ],
            "discovery": "INTERNAL"
          },
          "title": "saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "assignerShortName": "suse",
        "cveId": "CVE-2022-45153",
        "datePublished": "2023-02-15T00:00:00.000Z",
        "dateReserved": "2022-11-11T00:00:00.000Z",
        "dateUpdated": "2025-03-18T19:25:05.374Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-22643 (GCVE-0-2023-22643)

    Vulnerability from nvd – Published: 2023-02-07 00:00 – Updated: 2025-03-25 14:31
    VLAI
    Title
    libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls
    Summary
    An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPO_ALIAS, REPO_TYPE or REPO_METADATA_PATH settings to execute code as root. This issue affects: SUSE Linux Enterprise Server for SAP 15-SP3 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426. openSUSE Leap 15.4 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    SUSE SUSE Linux Enterprise Server for SAP 15-SP3 Affected: libzypp-plugin-appdata , < 1.0.1+git.20180426 (custom)
    Create a notification for this product.
    openSUSE openSUSE Leap 15.4 Affected: libzypp-plugin-appdata , < 1.0.1+git.20180426 (custom)
    Create a notification for this product.
    Date Public
    2023-01-17 00:00
    Credits
    Matthias Gerstner of SUSE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:13:49.511Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=1206836"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-22643",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-25T14:31:15.373763Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-25T14:31:19.350Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SUSE Linux Enterprise Server for SAP 15-SP3",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "1.0.1+git.20180426",
                  "status": "affected",
                  "version": "libzypp-plugin-appdata",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.4",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "1.0.1+git.20180426",
                  "status": "affected",
                  "version": "libzypp-plugin-appdata",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Matthias Gerstner of SUSE"
            }
          ],
          "datePublic": "2023-01-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPO_ALIAS, REPO_TYPE or REPO_METADATA_PATH settings to execute code as root. This issue affects: SUSE Linux Enterprise Server for SAP 15-SP3 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426. openSUSE Leap 15.4 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-07T00:00:00.000Z",
            "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
            "shortName": "suse"
          },
          "references": [
            {
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1206836"
            }
          ],
          "source": {
            "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1206836",
            "defect": [
              "1206836"
            ],
            "discovery": "INTERNAL"
          },
          "title": "libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "assignerShortName": "suse",
        "cveId": "CVE-2023-22643",
        "datePublished": "2023-02-07T00:00:00.000Z",
        "dateReserved": "2023-01-05T00:00:00.000Z",
        "dateUpdated": "2025-03-25T14:31:19.350Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-31254 (GCVE-0-2022-31254)

    Vulnerability from nvd – Published: 2023-02-07 00:00 – Updated: 2025-03-25 15:40
    VLAI
    Title
    rmt-server-pubcloud allows to escalate from user _rmt to root
    Summary
    A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt user to escalate to root. This issue affects: SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.10. SUSE Linux Enterprise Server for SAP 15-SP1 rmt-server versions prior to 2.10. SUSE Manager Server 4.1 rmt-server versions prior to 2.10. openSUSE Leap 15.3 rmt-server versions prior to 2.10. openSUSE Leap 15.4 rmt-server versions prior to 2.10.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Date Public
    2023-01-03 00:00
    Credits
    Johannes Segitz of SUSE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T07:11:39.905Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=1204285"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-31254",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-25T15:40:20.381091Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-25T15:40:27.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SUSE Linux Enterprise Server for SAP 15",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "2.10",
                  "status": "affected",
                  "version": "rmt-server",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "SUSE Linux Enterprise Server for SAP 15-SP1",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "2.10",
                  "status": "affected",
                  "version": "rmt-server",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "SUSE Manager Server 4.1",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "2.10",
                  "status": "affected",
                  "version": "rmt-server",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.3",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "2.10",
                  "status": "affected",
                  "version": "rmt-server",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.4",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "2.10",
                  "status": "affected",
                  "version": "rmt-server",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Johannes Segitz of SUSE"
            }
          ],
          "datePublic": "2023-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt user to escalate to root. This issue affects: SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.10. SUSE Linux Enterprise Server for SAP 15-SP1 rmt-server versions prior to 2.10. SUSE Manager Server 4.1 rmt-server versions prior to 2.10. openSUSE Leap 15.3 rmt-server versions prior to 2.10. openSUSE Leap 15.4 rmt-server versions prior to 2.10."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276: Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-07T00:00:00.000Z",
            "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
            "shortName": "suse"
          },
          "references": [
            {
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1204285"
            }
          ],
          "source": {
            "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1204285",
            "defect": [
              "1204285"
            ],
            "discovery": "INTERNAL"
          },
          "title": "rmt-server-pubcloud allows to escalate from user _rmt to root",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "assignerShortName": "suse",
        "cveId": "CVE-2022-31254",
        "datePublished": "2023-02-07T00:00:00.000Z",
        "dateReserved": "2022-05-20T00:00:00.000Z",
        "dateUpdated": "2025-03-25T15:40:27.938Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-31252 (GCVE-0-2022-31252)

    Vulnerability from nvd – Published: 2022-10-06 17:14 – Updated: 2024-09-16 18:40
    VLAI
    Title
    permissions: chkstat does not check for group-writable parent directories or target files in safeOpen()
    Summary
    A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225.
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    SUSE SUSE Linux Enterprise Server 12-SP5 Affected: permissions , < 20170707 (custom)
    Create a notification for this product.
    openSUSE openSUSE Leap 15.3 Affected: permissions , < 20200127 (custom)
    Create a notification for this product.
    openSUSE openSUSE Leap 15.4 Affected: permissions , < 20201225 (custom)
    Create a notification for this product.
    openSUSE openSUSE Leap Micro 5.2 Affected: permissions , < 20181225 (custom)
    Create a notification for this product.
    Date Public
    2022-09-02 00:00
    Credits
    Martin Wilck from SUSE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T07:11:39.924Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=1203018"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SUSE Linux Enterprise Server 12-SP5",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "20170707",
                  "status": "affected",
                  "version": "permissions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.3",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "20200127",
                  "status": "affected",
                  "version": "permissions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.4",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "20201225",
                  "status": "affected",
                  "version": "permissions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap Micro 5.2",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "20181225",
                  "status": "affected",
                  "version": "permissions",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Martin Wilck from SUSE"
            }
          ],
          "datePublic": "2022-09-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-11T00:00:00.000Z",
            "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
            "shortName": "suse"
          },
          "references": [
            {
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1203018"
            }
          ],
          "source": {
            "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1203018",
            "defect": [
              "1203018"
            ],
            "discovery": "INTERNAL"
          },
          "title": "permissions: chkstat does not check for group-writable parent directories or target files in safeOpen()",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "assignerShortName": "suse",
        "cveId": "CVE-2022-31252",
        "datePublished": "2022-10-06T17:14:05.294Z",
        "dateReserved": "2022-05-20T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:40:06.727Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-45153 (GCVE-0-2022-45153)

    Vulnerability from cvelistv5 – Published: 2023-02-15 00:00 – Updated: 2025-03-18 19:25
    VLAI
    Title
    saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls
    Summary
    An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Vendor Product Version
    SUSE SUSE Linux Enterprise Module for SAP Applications 15-SP1 Affected: saphanabootstrap-formula , < 0.13.1+git.1667812208.4db963e (custom)
    Create a notification for this product.
    SUSE SUSE Linux Enterprise Server for SAP 12-SP5 Affected: saphanabootstrap-formula , < 0.13.1+git.1667812208.4db963e (custom)
    Create a notification for this product.
    openSUSE openSUSE Leap 15.4 Affected: saphanabootstrap-formula , < 0.13.1+git.1667812208.4db963e (custom)
    Create a notification for this product.
    Date Public
    2023-01-02 00:00
    Credits
    Johannes Segitz of SUSE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T14:09:55.968Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=1205990"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-45153",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-18T19:24:52.978311Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-18T19:25:05.374Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SUSE Linux Enterprise Module for SAP Applications 15-SP1",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "0.13.1+git.1667812208.4db963e",
                  "status": "affected",
                  "version": "saphanabootstrap-formula",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "SUSE Linux Enterprise Server for SAP 12-SP5",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "0.13.1+git.1667812208.4db963e",
                  "status": "affected",
                  "version": "saphanabootstrap-formula",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.4",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "0.13.1+git.1667812208.4db963e",
                  "status": "affected",
                  "version": "saphanabootstrap-formula",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Johannes Segitz of SUSE"
            }
          ],
          "datePublic": "2023-01-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276: Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-15T00:00:00.000Z",
            "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
            "shortName": "suse"
          },
          "references": [
            {
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1205990"
            }
          ],
          "source": {
            "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1205990",
            "defect": [
              "1205990"
            ],
            "discovery": "INTERNAL"
          },
          "title": "saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "assignerShortName": "suse",
        "cveId": "CVE-2022-45153",
        "datePublished": "2023-02-15T00:00:00.000Z",
        "dateReserved": "2022-11-11T00:00:00.000Z",
        "dateUpdated": "2025-03-18T19:25:05.374Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-31254 (GCVE-0-2022-31254)

    Vulnerability from cvelistv5 – Published: 2023-02-07 00:00 – Updated: 2025-03-25 15:40
    VLAI
    Title
    rmt-server-pubcloud allows to escalate from user _rmt to root
    Summary
    A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt user to escalate to root. This issue affects: SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.10. SUSE Linux Enterprise Server for SAP 15-SP1 rmt-server versions prior to 2.10. SUSE Manager Server 4.1 rmt-server versions prior to 2.10. openSUSE Leap 15.3 rmt-server versions prior to 2.10. openSUSE Leap 15.4 rmt-server versions prior to 2.10.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-276 - Incorrect Default Permissions
    Assigner
    References
    Impacted products
    Date Public
    2023-01-03 00:00
    Credits
    Johannes Segitz of SUSE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T07:11:39.905Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=1204285"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-31254",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-25T15:40:20.381091Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-25T15:40:27.938Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SUSE Linux Enterprise Server for SAP 15",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "2.10",
                  "status": "affected",
                  "version": "rmt-server",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "SUSE Linux Enterprise Server for SAP 15-SP1",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "2.10",
                  "status": "affected",
                  "version": "rmt-server",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "SUSE Manager Server 4.1",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "2.10",
                  "status": "affected",
                  "version": "rmt-server",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.3",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "2.10",
                  "status": "affected",
                  "version": "rmt-server",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.4",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "2.10",
                  "status": "affected",
                  "version": "rmt-server",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Johannes Segitz of SUSE"
            }
          ],
          "datePublic": "2023-01-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt user to escalate to root. This issue affects: SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.10. SUSE Linux Enterprise Server for SAP 15-SP1 rmt-server versions prior to 2.10. SUSE Manager Server 4.1 rmt-server versions prior to 2.10. openSUSE Leap 15.3 rmt-server versions prior to 2.10. openSUSE Leap 15.4 rmt-server versions prior to 2.10."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-276",
                  "description": "CWE-276: Incorrect Default Permissions",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-07T00:00:00.000Z",
            "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
            "shortName": "suse"
          },
          "references": [
            {
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1204285"
            }
          ],
          "source": {
            "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1204285",
            "defect": [
              "1204285"
            ],
            "discovery": "INTERNAL"
          },
          "title": "rmt-server-pubcloud allows to escalate from user _rmt to root",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "assignerShortName": "suse",
        "cveId": "CVE-2022-31254",
        "datePublished": "2023-02-07T00:00:00.000Z",
        "dateReserved": "2022-05-20T00:00:00.000Z",
        "dateUpdated": "2025-03-25T15:40:27.938Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-22643 (GCVE-0-2023-22643)

    Vulnerability from cvelistv5 – Published: 2023-02-07 00:00 – Updated: 2025-03-25 14:31
    VLAI
    Title
    libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls
    Summary
    An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPO_ALIAS, REPO_TYPE or REPO_METADATA_PATH settings to execute code as root. This issue affects: SUSE Linux Enterprise Server for SAP 15-SP3 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426. openSUSE Leap 15.4 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    References
    Impacted products
    Vendor Product Version
    SUSE SUSE Linux Enterprise Server for SAP 15-SP3 Affected: libzypp-plugin-appdata , < 1.0.1+git.20180426 (custom)
    Create a notification for this product.
    openSUSE openSUSE Leap 15.4 Affected: libzypp-plugin-appdata , < 1.0.1+git.20180426 (custom)
    Create a notification for this product.
    Date Public
    2023-01-17 00:00
    Credits
    Matthias Gerstner of SUSE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T10:13:49.511Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=1206836"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-22643",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-25T14:31:15.373763Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-25T14:31:19.350Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SUSE Linux Enterprise Server for SAP 15-SP3",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "1.0.1+git.20180426",
                  "status": "affected",
                  "version": "libzypp-plugin-appdata",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.4",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "1.0.1+git.20180426",
                  "status": "affected",
                  "version": "libzypp-plugin-appdata",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Matthias Gerstner of SUSE"
            }
          ],
          "datePublic": "2023-01-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027) vulnerability in libzypp-plugin-appdata of SUSE Linux Enterprise Server for SAP 15-SP3; openSUSE Leap 15.4 allows attackers that can trick users to use specially crafted REPO_ALIAS, REPO_TYPE or REPO_METADATA_PATH settings to execute code as root. This issue affects: SUSE Linux Enterprise Server for SAP 15-SP3 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426. openSUSE Leap 15.4 libzypp-plugin-appdata versions prior to 1.0.1+git.20180426."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-02-07T00:00:00.000Z",
            "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
            "shortName": "suse"
          },
          "references": [
            {
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1206836"
            }
          ],
          "source": {
            "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1206836",
            "defect": [
              "1206836"
            ],
            "discovery": "INTERNAL"
          },
          "title": "libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "assignerShortName": "suse",
        "cveId": "CVE-2023-22643",
        "datePublished": "2023-02-07T00:00:00.000Z",
        "dateReserved": "2023-01-05T00:00:00.000Z",
        "dateUpdated": "2025-03-25T14:31:19.350Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-31252 (GCVE-0-2022-31252)

    Vulnerability from cvelistv5 – Published: 2022-10-06 17:14 – Updated: 2024-09-16 18:40
    VLAI
    Title
    permissions: chkstat does not check for group-writable parent directories or target files in safeOpen()
    Summary
    A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225.
    CWE
    • CWE-863 - Incorrect Authorization
    Assigner
    References
    Impacted products
    Vendor Product Version
    SUSE SUSE Linux Enterprise Server 12-SP5 Affected: permissions , < 20170707 (custom)
    Create a notification for this product.
    openSUSE openSUSE Leap 15.3 Affected: permissions , < 20200127 (custom)
    Create a notification for this product.
    openSUSE openSUSE Leap 15.4 Affected: permissions , < 20201225 (custom)
    Create a notification for this product.
    openSUSE openSUSE Leap Micro 5.2 Affected: permissions , < 20181225 (custom)
    Create a notification for this product.
    Date Public
    2022-09-02 00:00
    Credits
    Martin Wilck from SUSE
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T07:11:39.924Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://bugzilla.suse.com/show_bug.cgi?id=1203018"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "SUSE Linux Enterprise Server 12-SP5",
              "vendor": "SUSE",
              "versions": [
                {
                  "lessThan": "20170707",
                  "status": "affected",
                  "version": "permissions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.3",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "20200127",
                  "status": "affected",
                  "version": "permissions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap 15.4",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "20201225",
                  "status": "affected",
                  "version": "permissions",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "openSUSE Leap Micro 5.2",
              "vendor": "openSUSE",
              "versions": [
                {
                  "lessThan": "20181225",
                  "status": "affected",
                  "version": "permissions",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Martin Wilck from SUSE"
            }
          ],
          "datePublic": "2022-09-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "NONE",
                "baseScore": 4.4,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-863",
                  "description": "CWE-863: Incorrect Authorization",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-11T00:00:00.000Z",
            "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
            "shortName": "suse"
          },
          "references": [
            {
              "url": "https://bugzilla.suse.com/show_bug.cgi?id=1203018"
            }
          ],
          "source": {
            "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1203018",
            "defect": [
              "1203018"
            ],
            "discovery": "INTERNAL"
          },
          "title": "permissions: chkstat does not check for group-writable parent directories or target files in safeOpen()",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "assignerShortName": "suse",
        "cveId": "CVE-2022-31252",
        "datePublished": "2022-10-06T17:14:05.294Z",
        "dateReserved": "2022-05-20T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:40:06.727Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }