PT-2020-6817 · Clusterlabs+1 · Clusterlabs Hawk+1

Reported by: Liangxin1300 · Published: 2020-11-09 · Updated: 2023-08-08 · CVE-2021-3020

CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: ClusterLabs Hawk versions 2.3.0 through 2.3.0-15

Description: The issue in ClusterLabs Hawk is related to the hawk_invoke binary, which is intended to be used as a setuid program that allows the hacluster user to invoke certain commands as root. However, this user can execute an interactive shell that is not limited to the commands specified in hawk_invoke, allowing escalation to root. The vulnerability may allow a remote attacker to execute arbitrary commands as the root user.

Recommendations: For ClusterLabs Hawk versions 2.3.0 through 2.3.0-15, consider disabling the hawk_invoke binary until a patch is available, to prevent the hacluster user from invoking commands as root and to minimize the risk of exploitation. As a temporary workaround, restrict access to the hawk_invoke binary to prevent unauthorized use. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Command Injection
Improper Privilege Management

Related Identifiers

BDU:2022-07050
CVE-2021-3020
MGASA-2023-0073
OPENSUSE-SU-2021:0410-1
OPENSUSE-SU-2021_0410-1
SUSE-SU-2021:0722-1
SUSE-SU-2021:0771-1
SUSE-SU-2021:0781-1
SUSE-SU-2021:0782-1
SUSE-SU-2021:0806-1

Affected Products

Clusterlabs Hawk
Suse