CyberSec.Space Logo
Back to CVE Browser

CVE-2021-3020

HIGH
8.8
CVSS Severity Score
EPSS Score0.0080%
EPSS Percentile17.11th
PublishedAug 26, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to limit this to safe combinations). This user is able to execute an interactive "shell" that isn't limited to the commands specified in hawk_invoke, allowing escalation to root.

Affected Platforms (CPE)

πŸ“¦
Clusterlabs

Hawk

<= 2.3.0-15

References & Advisories

πŸ”— https://bugzilla.suse.com/show_bug.cgi?id=1180571
πŸ”— https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82
πŸ”— https://github.com/ClusterLabs/hawk/releases
πŸ”— https://bugzilla.suse.com/show_bug.cgi?id=1180571
πŸ”— https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82
πŸ”— https://github.com/ClusterLabs/hawk/releases

Related Vulnerabilities

CVE-2008-333810.0

Multiple buffer overflows in TIBCO Hawk (1) AMI C library (libtibhawkami) and (2) Hawk HMA (tibhawkhma), as used in TIBCO Hawk bef...

CVE-2020-354589.8

An issue was discovered in ClusterLabs Hawk 2.x through 2.3.0-x. There is a Ruby shell code injection issue via the hawk_remember_...

CVE-2002-08787.5

SQL injection vulnerability in the login form for LogiSense software including (1) Hawk-i Billing, (2) Hawk-i ASP and (3) DNS Mana...

CVE-2004-16377.5

The Hawking Technologies HAR11A modem/router allows remote attackers to obtain sensitive information by connecting to port 254, wh...