Vulnerability CVE-2021-25321

Vulnerability Name:

CVE-2021-25321 (CCN-204721)

Assigned:

2021-06-28

Published:

2021-06-28

Updated:

2023-06-22

Summary:

CVSS v3 Severity:

7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Consequences:

Gain Privileges

References:

Source: MITRE
Type: CNA
CVE-2021-25321

Source: CCN
Type: Bugzilla - Bug 1186240
(CVE-2021-25321) VUL-0: CVE-2021-25321: arpwatch: LPE from runtime user to root

Source: meissner@suse.de
Type: Exploit, Issue Tracking, Vendor Advisory
meissner@suse.de

Source: XF
Type: UNKNOWN
suse-cve202125321-priv-esc(204721)

Source: CCN
Type: SUSE-SU-2021:2175-1
important: Security update for arpwatch

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7438	P	arpwatch-2.1a15-5.12.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:734	P	Security update for openvswitch (Moderate)	2022-09-06
oval:org.opensuse.security:def:3635	P	Security update for python-PyJWT (Important)	2022-07-14
oval:org.opensuse.security:def:3450	P	ceph-common-12.2.12+git.1568024032.02236657ca-2.39.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94562	P	git-core-2.35.3-150300.10.12.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2866	P	arpwatch-2.1a15-5.12.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94496	P	arpwatch-2.1a15-5.12.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95306	P	Security update for webkit2gtk3 (Important)	2022-06-14
oval:org.opensuse.security:def:99494	P	(Important)	2022-03-04
oval:org.opensuse.security:def:102019	P	Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP3) (Important)	2022-03-01
oval:org.opensuse.security:def:6076	P	Security update for log4j (Important)	2022-01-27
oval:org.opensuse.security:def:111976	P	arpwatch-3.1-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:99693	P	(Moderate)	2021-11-09
oval:org.opensuse.security:def:100001	P	(Moderate)	2021-10-20
oval:org.opensuse.security:def:105538	P	arpwatch-3.1-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:101275	P	jetty-http-9.4.38-3.6.2 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:111606	P	Security update for arpwatch (Important)	2021-07-11
oval:org.opensuse.security:def:111471	P	Security update for arpwatch (Important)	2021-07-01
oval:org.opensuse.security:def:33682	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:59763	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:89160	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:29394	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:55924	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:84632	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:38076	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:76233	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:93248	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:127133	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:97142	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:9545	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:91958	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:66847	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:99295	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:31650	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:57959	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:87422	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:23617	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:51605	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:83308	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:73661	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:92743	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:117456	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:8797	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:69884	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:33940	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:60301	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:89418	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:30101	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:56044	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:85681	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:38712	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:43142	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:9744	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:92153	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:5758	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:67165	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:32136	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:58781	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:88152	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:23934	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:51922	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:83428	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:107941	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:73846	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:92942	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:125567	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:8992	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:70253	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:34478	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:64539	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:98908	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:30221	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:57040	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:86114	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:40005	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:44435	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:10113	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:92345	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:69499	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:32958	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:59505	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:88466	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:26085	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:55217	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:84173	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:108685	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:75915	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:93095	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:126736	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:9359	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:70435	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:101465	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:64724	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:99103	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:31217	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:57473	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:86600	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:41191	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:45621	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:82601	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:10295	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:92544	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:5072	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:8615	P	Security update for arpwatch (Important)	2021-06-28
oval:org.opensuse.security:def:69685	P	Security update for arpwatch (Important)	2021-06-28

BACK