← Back to CVE List

CVE-2019-18897

Published: 2020-03-02T16:15Z
Last Modified: 2024-11-21T04:33Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt