Severity score: 7.8
CWE: 349

CVE-2020-8023: Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2

First published: Mon Jul 06 2020

An acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root.

This issue affects the following products and package versions:

  • SUSE Enterprise Storage 5: openldap2 versions prior to 2.4.41-18.71.2
  • SUSE Linux Enterprise Debuginfo 11-SP3: openldap2 versions prior to 2.4.26-0.74.13.1
  • SUSE Linux Enterprise Debuginfo 11-SP4: openldap2 versions prior to 2.4.26-0.74.13.1
  • SUSE Linux Enterprise Point of Sale 11-SP3: openldap2 versions prior to 2.4.26-0.74.13.1
  • SUSE Linux Enterprise Server 11-SECURITY: openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1
  • SUSE Linux Enterprise Server 11-SP4-LTSS: openldap2 versions prior to 2.4.26-0.74.13.1
  • SUSE Linux Enterprise Server 12-SP2-BCL: openldap2 versions prior to 2.4.41-18.71.2
  • SUSE Linux Enterprise Server 12-SP2-LTSS: openldap2 versions prior to 2.4.41-18.71.2
  • SUSE Linux Enterprise Server 12-SP3-BCL: openldap2 versions prior to 2.4.41-18.71.2
  • SUSE Linux Enterprise Server 12-SP3-LTSS: openldap2 versions prior to 2.4.41-18.71.2
  • SUSE Linux Enterprise Server 12-SP4: openldap2 versions prior to 2.4.41-18.71.2
  • SUSE Linux Enterprise Server 12-SP5: openldap2 versions prior to 2.4.41-18.71.2
  • SUSE Linux Enterprise Server 15-LTSS: openldap2 versions prior to 2.4.46-9.31.1
  • SUSE Linux Enterprise Server for SAP 12-SP2: openldap2 versions prior to 2.4.41-18.71.2
  • SUSE Linux Enterprise Server for SAP 12-SP3: openldap2 versions prior to 2.4.41-18.71.2
  • SUSE Linux Enterprise Server for SAP 15: openldap2 versions prior to 2.4.46-9.31.1
  • SUSE OpenStack Cloud 7: openldap2 versions prior to 2.4.41-18.71.2
  • SUSE OpenStack Cloud 8: openldap2 versions prior to 2.4.41-18.71.2
  • SUSE OpenStack Cloud Crowbar 8: openldap2 versions prior to 2.4.41-18.71.2
  • openSUSE Leap 15.1: openldap2 versions prior to 2.4.46-lp151.10.12.1
  • openSUSE Leap 15.2: openldap2 versions prior to 2.4.46-lp152.14.3.1

Credit: meissner@suse.de

| Affected Software | Affected Version | How to fix |
|---|---|---|
| Opensuse Openldap2 | <2.4.41-18.71.2 | |
| SUSE Enterprise Storage | =5.0 | |
| SUSE OpenStack Cloud | =7.0 | |
| SUSE OpenStack Cloud | =8.0 | |
| SUSE OpenStack Cloud Crowbar | =8.0 | |
| SUSE Linux Enterprise Server | =12-sp2 | |
| Suse Linux Enterprise Server Sap | =12-sp2 | |
| SUSE Linux Enterprise Server | =12-sp2 | |
| Suse Linux Enterprise Server Sap | =12-sp3 | |
| SUSE Linux Enterprise Server | =12-sp3 | |
| SUSE Linux Enterprise Server | =12-sp3 | |
| SUSE Linux Enterprise Server | =12-sp4 | |
| SUSE Linux Enterprise Server | =12-sp5 | |
| Opensuse Openldap2 | <2.4.26-0.74.13.1 | |
| SUSE Linux Enterprise Debuginfo | =11-sp3 | |
| SUSE Linux Enterprise Debuginfo | =11-sp4 | |
| SUSE Linux Enterprise Point of Sale | =11-sp3 | |
| SUSE Linux Enterprise Server | =11 | |
| SUSE Linux Enterprise Server | =11-sp4 | |
| Opensuse Openldap2 | <2.4.46-9.31.1 | |
| Suse Linux Enterprise Server Ltss | =15 | |
| Suse Linux Enterprise Server Sap | =15 | |
| Opensuse Openldap2 | <2.4.46-lp151.10.12.1 | |
| openSUSE Leap | =15.1 | |
| openSUSE Leap | =15.2 | |

Frequently Asked Questions

  • What is CVE-2020-8023?

    CVE-2020-8023 is a vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, and SUSE Linux Enterprise Server.

  • What is the severity of CVE-2020-8023?

    CVE-2020-8023 has a severity value of 7.8 (high severity).

  • How does CVE-2020-8023 affect Opensuse Openldap2?

    CVE-2020-8023 affects Opensuse Openldap2 in versions 2.4.41-18.71.2 and 2.4.26-0.74.13.1.

  • How does CVE-2020-8023 impact SUSE Enterprise Storage 5?

    CVE-2020-8023 does not impact SUSE Enterprise Storage 5.

  • Where can I find more information about CVE-2020-8023?

    More information about CVE-2020-8023 can be found at the following link: [https://bugzilla.suse.com/show_bug.cgi?id=1172698](https://bugzilla.suse.com/show_bug.cgi?id=1172698)
