CVE-2020-35459: CVE-2020-35459

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-35459

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call "crm history" (when "crm" is run) were able to execute commands via shell code injection to the crm history commandline, potentially allowing escalation of privileges.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Clusterlabs Crmsh 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Clusterlabs Crmsh是ClusterLabs（Clusterlabs）团队的一个适用于GNU/Linux系统用于高可用性集群管理的命令行软件。 ClusterLabs crmsh 4.2.1 存在安全漏洞，攻击者可利用该漏洞提升权限。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2020-35459

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-35459

Please Login to view more intelligence information

https://github.com/ClusterLabs/crmsh/releasesx_refsource_MISC
https://github.com/ClusterLabs/crmsh/blob/a403aa15f3ea575adfe5e43bf2a31c9f9094fcda/crmsh/history.py#L476x_refsource_MISC
https://www.openwall.com/lists/oss-security/2021/01/12/3x_refsource_CONFIRM
https://bugzilla.suse.com/show_bug.cgi?id=1179999x_refsource_MISC
http://www.openwall.com/lists/oss-security/2021/01/12/3mailing-listx_refsource_MLIST
https://lists.debian.org/debian-lts-announce/2021/01/msg00021.htmlmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2020-35459

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2020-35459

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2020-35459

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-35459

III. Intelligence Information for CVE-2020-35459

IV. Related Vulnerabilities

V. Comments for CVE-2020-35459

Leave a comment