A vulnerability classified as critical was found in SuSE Linux Enterprise Server 15 (Operating System). Affected by this vulnerability is an unknown code of the component munge. The manipulation with an unknown input leads to a symlink vulnerability. The CWE definition for the vulnerability is CWE-61. The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files. As an impact it is known to affect confidentiality, integrity, and availability. The summary by CVE is:

A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. This issue affects: SUSE SUSE Linux Enterprise Server 15 munge versions prior to 0.5.13-4.3.1. openSUSE Factory munge versions prior to 0.5.13-6.1.

The weakness was presented 01/23/2020 as Bug 1155075 as not defined bug report (Bugzilla). The advisory is shared at bugzilla.suse.com. This vulnerability is known as CVE-2019-3691 since 01/03/2019. An attack has to be approached locally. A single authentication is needed for exploitation. Neither technical details nor an exploit are publicly available. The price for an exploit might be around USD $5k-$25k at the moment (estimation calculated on 01/24/2020).

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Productinfo

Type

• Operating System

Vendor

• SuSE

Name

• Linux Enterprise Server

Version

• 15

License

• open-source

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion