An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call "crm history" (when "crm" is run) were able to execute commands via shell code injection to the crm history commandline, potentially allowing escalation of privileges.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2021/01/12/3 | Mailing List Patch Third Party Advisory |
https://bugzilla.suse.com/show_bug.cgi?id=1179999 | Issue Tracking Third Party Advisory |
https://github.com/ClusterLabs/crmsh/blob/a403aa15f3ea575adfe5e43bf2a31c9f9094fcda/crmsh/history.py#L476 | Patch Third Party Advisory |
https://github.com/ClusterLabs/crmsh/releases | Release Notes Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/01/msg00021.html | Mailing List Third Party Advisory |
https://www.openwall.com/lists/oss-security/2021/01/12/3 | Exploit Mailing List Third Party Advisory |
Configurations
History
02 Feb 2021, 15:00
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2021/01/msg00021.html - Mailing List, Third Party Advisory |
26 Jan 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
15 Jan 2021, 14:41
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:clusterlabs:crmsh:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 7.2
v3 : 7.8 |
CWE | CWE-269 | |
References | (MISC) https://github.com/ClusterLabs/crmsh/releases - Release Notes, Third Party Advisory | |
References | (MISC) https://bugzilla.suse.com/show_bug.cgi?id=1179999 - Issue Tracking, Third Party Advisory | |
References | (CONFIRM) https://www.openwall.com/lists/oss-security/2021/01/12/3 - Exploit, Mailing List, Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2021/01/12/3 - Mailing List, Patch, Third Party Advisory | |
References | (MISC) https://github.com/ClusterLabs/crmsh/blob/a403aa15f3ea575adfe5e43bf2a31c9f9094fcda/crmsh/history.py#L476 - Patch, Third Party Advisory |
12 Jan 2021, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-01-12 15:15
Updated : 2023-12-10 13:41
NVD link : CVE-2020-35459
Mitre link : CVE-2020-35459
CVE.ORG link : CVE-2020-35459
JSON object : View
Products Affected
debian
- debian_linux
clusterlabs
- crmsh
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')