Vulnerabilites related to openEuler - atune
cve-2021-33658
Vulnerability from cvelistv5
Published
2022-03-11 17:54
Modified
2024-08-03 23:58
Severity ?
EPSS score ?
Summary
atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:58:22.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "atune",
"vendor": "openEuler",
"versions": [
{
"status": "affected",
"version": "0.3-0.8"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-11T17:54:21",
"orgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2",
"shortName": "openEuler"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "securities@openeuler.org",
"ID": "CVE-2021-33658",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "atune",
"version": {
"version_data": [
{
"version_value": "0.3-0.8"
}
]
}
}
]
},
"vendor_name": "openEuler"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "atune before 0.3-0.8 log in as a local user and run the curl command to access the local atune url interface to escalate the local privilege or modify any file. Authentication is not forcibly enabled in the default configuration."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541",
"refsource": "CONFIRM",
"url": "https://www.openeuler.org/zh/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1541"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7e1ac599-2767-43fa-b3ea-f10178cc98f2",
"assignerShortName": "openEuler",
"cveId": "CVE-2021-33658",
"datePublished": "2022-03-11T17:54:21",
"dateReserved": "2021-05-28T00:00:00",
"dateUpdated": "2024-08-03T23:58:22.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}