漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls
Vulnerability Description
An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e.
CVSS Information
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
缺省权限不正确
Vulnerability Title
SUSE SAP HANA platform bootstrap Salt formula 安全漏洞
Vulnerability Description
SUSE SAP HANA platform bootstrap Salt formula是德国SUSE公司的一个 Salt 公式。用于引导和管理多 SAP HANA 平台环境。 SUSE SAP HANA platform bootstrap Salt formula 存在安全漏洞,攻击者利用该漏洞可以通过 ha_cluster.sls 绕过 saphanabootstrap-formula 的限制,以提升特权。
CVSS Information
N/A
Vulnerability Type
N/A