PT-2021-7506 · Clusterlabs · Clusterlabs Hawk

Vincent Berg · Published 2021-01-12 · Updated 2024-06-15 · CVE-2020-35458

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: ClusterLabs Hawk versions 2.x through 2.3.0-x

Description: The issue exists due to the lack of neutralization of special elements used in an operating system command, which allows a remote attacker to execute arbitrary code. Specifically, there is a Ruby shell code injection issue via the hawk_remember_me_id parameter in the login_from_cookie cookie. The user logout routine can be used by unauthenticated remote attackers to execute code as hauser.

Recommendations: For versions 2.x through 2.3.0-x, consider disabling the hawk_remember_me_id parameter in the login_from_cookie cookie as a temporary workaround to minimize the risk of exploitation. Restrict access to the user logout routine to prevent unauthenticated remote attackers from executing code as hauser.
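The class of bug described above, as an added illustration that is not ClusterLabs Hawk's own code: a cookie-supplied token interpolated into a shell command string, beside the hardened form (strict validation plus an argv array executed without a shell). The helper path, function names and the token format are assumptions.

```ruby
# Added illustration, not ClusterLabs Hawk's own code: a remember-me id read
# from a cookie must never be interpolated into a shell command string.
# The helper path, the function names and the id format are assumptions.
require "open3"

# Assumed token format: 32 to 64 lowercase hex characters, nothing else.
REMEMBER_ME_ID = /\A[0-9a-f]{32,64}\z/.freeze

# Unsafe pattern (the shape the advisory describes): the raw cookie value
# becomes part of a command line that /bin/sh will parse, so any shell
# metacharacter in the cookie changes what gets executed.
def logout_command_unsafe(remember_me_id)
  "/usr/bin/hawk-forget-session #{remember_me_id}" # hypothetical helper
end

# Hardened step 1: reject anything that is not a well-formed token before
# it reaches any command, file path or query.
def validated_remember_me_id(remember_me_id)
  id = remember_me_id.to_s
  raise ArgumentError, "malformed remember-me id" unless id.match?(REMEMBER_ME_ID)
  id
end

# Hardened step 2: build an argv array. Each element is handed to exec()
# verbatim; no shell ever sees the value, so metacharacters are inert.
def logout_argv(remember_me_id)
  ["/usr/bin/hawk-forget-session", validated_remember_me_id(remember_me_id)]
end

# Runs the hardened form without a shell and returns [stdout, status].
def run_logout(remember_me_id)
  Open3.capture2(*logout_argv(remember_me_id))
end

# Shows the no-shell property on a harmless command: with the argv form the
# value is delivered literally, even when it contains ';' or '|'.
def argv_echo(value)
  out, _status = Open3.capture2("echo", value)
  out.chomp
end
```

The validation step also gives a detection hook: a remember-me cookie that fails the pattern is worth logging as a tampering attempt rather than silently dropped.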

Weakness Enumeration

OS Command Injection

Related Identifiers

BDU:2022-07038
CVE-2020-35458
OPENSUSE-SU-2021:0054-1
OPENSUSE-SU-2021:0074-1
OPENSUSE-SU-2021:0144-1
OPENSUSE-SU-2021:0147-1
OPENSUSE-SU-2024:12952-1
SUSE-SU-2021:0088-1
SUSE-SU-2021:0089-1
SUSE-SU-2021:0090-1
SUSE-SU-2021:0192-1
SUSE-SU-2021:0198-1
SUSE-SU-2021:0200-1

Affected Products

Clusterlabs Hawk
Suse