// For flags

CVE-2021-25322

python-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2, Factory allows local attackers to escalate privileges from the user hyperkitty or hyperkitty-admin to root. This issue affects: openSUSE Leap 15.2 python-HyperKitty version 1.3.2-lp152.2.3.1 and prior versions. openSUSE Factory python-HyperKitty versions prior to 1.3.4-5.1.

Una vulnerabilidad de seguimiento de enlaces simbólicos UNIX (Symlink) en python-HyperKitty de openSUSE Leap 15.2, Factory permite a atacantes locales escalar privilegios del usuario hyperkitty o hyperkitty-admin a root. Este problema afecta a: openSUSE Leap 15.2 python-HyperKitty versión 1.3.2-lp152.2.3.1 y versiones anteriores. openSUSE Factory python-HyperKitty versiones anteriores a 1.3.4-5.1

*Credits: Matthias Gerstner of SUSE
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
Low
Availability
None
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2021-01-19 CVE Reserved
  • 2021-06-10 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-09-17 CVE Updated
  • 2024-09-17 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-61: UNIX Symbolic Link (Symlink) Following
CAPEC
References (1)
URL Tag Source
URL Date SRC
https://bugzilla.suse.com/show_bug.cgi?id=1182373 2024-09-17
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Python-hyperkitty Project
Search vendor "Python-hyperkitty Project"
 Python-hyperkitty
Search vendor "Python-hyperkitty Project" for product "Python-hyperkitty"
 <= 1.3.2-lp152.2.3.1
Search vendor "Python-hyperkitty Project" for product "Python-hyperkitty" and version " <= 1.3.2-lp152.2.3.1"
-
Affected
in Opensuse
Search vendor "Opensuse"
 Leap
Search vendor "Opensuse" for product "Leap"
 15.2
Search vendor "Opensuse" for product "Leap" and version "15.2"
-
Safe
Python-hyperkitty Project
Search vendor "Python-hyperkitty Project"
 Python-hyperkitty
Search vendor "Python-hyperkitty Project" for product "Python-hyperkitty"
 < 1.3.4-5.1
Search vendor "Python-hyperkitty Project" for product "Python-hyperkitty" and version " < 1.3.4-5.1"
-
Affected
in Opensuse
Search vendor "Opensuse"
 Factory
Search vendor "Opensuse" for product "Factory"
--
Safe