CVE-2020-8023
Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 11-SECURITY openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1. SUSE Linux Enterprise Server 11-SP4-LTSS openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 12-SP2-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP2-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP4 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.31.1. SUSE Linux Enterprise Server for SAP 12-SP2 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 12-SP3 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.31.1. SUSE OpenStack Cloud 7 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud 8 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud Crowbar 8 openldap2 versions prior to 2.4.41-18.71.2. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.12.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.3.1.
Una vulnerabilidad de aceptación de Datos Extraños No Confiables con Datos Confiables en el script de inicio de openldap2 de SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server para SAP 12-SP2, SUSE Linux Enterprise Server para SAP 12-SP3, SUSE Linux Enterprise Server para SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2, permite a atacantes locales escalar los privilegios del usuario de ldap a root. Este problema afecta a: openldap2 de SUSE Enterprise Storage 5 versiones anteriores a 2.4.41-18.71.2. openldap2 de SUSE Linux Enterprise Debuginfo 11-SP3 versiones anteriores a 2.4.26-0.74.13.1,. openldap2 de SUSE Linux Enterprise Debuginfo 11-SP4 versiones anteriores a 2.4.26-0.74.13.1,. openldap2 de SUSE Linux Enterprise Point of Sale 11-SP3 versiones anteriores a 2.4.26-0.74.13.1,. openldap2-client-openssl1 de SUSE Linux Enterprise Server 11-SECURITY versiones anteriores a 2.4.26-0.74.13.1. openldap2 de SUSE Linux Enterprise Server 11-SP4-LTSS versiones anteriores a 2.4.26-0.74.13.1,. openldap2 de SUSE Linux Enterprise Server 12-SP2-BCL versiones anteriores a 2.4.41-18.71.2. openldap2 de SUSE Linux Enterprise Server 12-SP2-LTSS versiones anteriores a 2.4.41-18.71.2. openldap2 de SUSE Linux Enterprise Server 12-SP3-BCL versiones anteriores a 2.4.41-18.71.2. openldap2 de SUSE Linux Enterprise Server 12-SP3-LTSS versiones anteriores a 2.4.41-18.71.2. openldap2 de SUSE Linux Enterprise Server 12-SP4 versiones anteriores a 2.4.41-18.71.2. openldap2 de SUSE Linux Enterprise Server 12-SP5 versiones anteriores a 2.4.41-18.71.2. openldap2 de SUSE Linux Enterprise Server 15-LTSS versiones anteriores a 2.4.46-9.31.1. openldap2 de SUSE Linux Enterprise Server para SAP 12-SP2 versiones anteriores a 2.4.41-18.71.2. openldap2 de SUSE Linux Enterprise Server para SAP 12-SP3 versiones anteriores a 2.4.41-18.71.2. openldap2 de SUSE Linux Enterprise Server para SAP 15 versiones anteriores a 2.4.46-9.31.1. openldap2 de SUSE OpenStack Cloud 7 versiones anteriores a 2.4.41-18.71.2. openldap2 de SUSE OpenStack Cloud 8 versiones anteriores a 2.4.41-18.71.2. openldap2 de SUSE OpenStack Cloud Crowbar 8 versiones anteriores a 2.4.41-18.71.2. openldap2 de openSUSE Leap 15.1 versiones anteriores a 2.4.46-lp151.10.12.1. openldap2 de openSUSE Leap 15.2 versiones anteriores a 2.4.46-lp152.14.3.1
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-01-27 CVE Reserved
- 2020-09-01 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-349: Acceptance of Extraneous Untrusted Data With Trusted Data
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.suse.com/show_bug.cgi?id=1172698 | 2024-09-16 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Enterprise Storage Search vendor "Suse" for product "Enterprise Storage" | 5.0 Search vendor "Suse" for product "Enterprise Storage" and version "5.0" | - |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Openstack Cloud Search vendor "Suse" for product "Openstack Cloud" | 7.0 Search vendor "Suse" for product "Openstack Cloud" and version "7.0" | - |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Openstack Cloud Search vendor "Suse" for product "Openstack Cloud" | 8.0 Search vendor "Suse" for product "Openstack Cloud" and version "8.0" | - |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Openstack Cloud Crowbar Search vendor "Suse" for product "Openstack Cloud Crowbar" | 8.0 Search vendor "Suse" for product "Openstack Cloud Crowbar" and version "8.0" | - |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | sp2 |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | sp2, sap |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | sp2, ltss |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | sp3, sap |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | sp3 |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | sp3, ltss |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | sp4 |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.41-18.71.2 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.41-18.71.2" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | sp5 |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.26-0.74.13.1 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.26-0.74.13.1" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Debuginfo Search vendor "Suse" for product "Linux Enterprise Debuginfo" | 11 Search vendor "Suse" for product "Linux Enterprise Debuginfo" and version "11" | sp3 |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.26-0.74.13.1 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.26-0.74.13.1" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Debuginfo Search vendor "Suse" for product "Linux Enterprise Debuginfo" | 11 Search vendor "Suse" for product "Linux Enterprise Debuginfo" and version "11" | sp4 |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.26-0.74.13.1 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.26-0.74.13.1" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Point Of Sale Search vendor "Suse" for product "Linux Enterprise Point Of Sale" | 11 Search vendor "Suse" for product "Linux Enterprise Point Of Sale" and version "11" | sp3 |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.26-0.74.13.1 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.26-0.74.13.1" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 11 Search vendor "Suse" for product "Linux Enterprise Server" and version "11" | - |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.26-0.74.13.1 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.26-0.74.13.1" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 11 Search vendor "Suse" for product "Linux Enterprise Server" and version "11" | sp4, ltss |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.46-9.31.1 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.46-9.31.1" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 15 Search vendor "Suse" for product "Linux Enterprise Server" and version "15" | ltss |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.46-9.31.1 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.46-9.31.1" | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 15 Search vendor "Suse" for product "Linux Enterprise Server" and version "15" | sap |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.46-lp151.10.12.1 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.46-lp151.10.12.1" | - |
Affected
| in | Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.1 Search vendor "Opensuse" for product "Leap" and version "15.1" | - |
Safe
|
| Opensuse Search vendor "Opensuse" | Openldap2 Search vendor "Opensuse" for product "Openldap2" | < 2.4.46-lp151.10.12.1 Search vendor "Opensuse" for product "Openldap2" and version " < 2.4.46-lp151.10.12.1" | - |
Affected
| in | Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 15.2 Search vendor "Opensuse" for product "Leap" and version "15.2" | - |
Safe
|