{"api_version":"1","generated_at":"2026-04-23T04:33:44+00:00","cve":"CVE-2021-3020","urls":{"html":"https://cve.report/CVE-2021-3020","api":"https://cve.report/api/cve/CVE-2021-3020.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-3020","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-3020"},"summary":{"title":"CVE-2021-3020","description":"An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to limit this to safe combinations). This user is able to execute an interactive \"shell\" that isn't limited to the commands specified in hawk_invoke, allowing escalation to root.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-08-26 00:15:00","updated_at":"2023-08-08 14:22:00"},"problem_types":["CWE-269"],"metrics":[],"references":[{"url":"https://bugzilla.suse.com/show_bug.cgi?id=1180571","name":"https://bugzilla.suse.com/show_bug.cgi?id=1180571","refsource":"MISC","tags":[],"title":"Access Denied","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82","name":"https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82","refsource":"MISC","tags":[],"title":"Fix: bootstrap: setup authorized ssh access for hacluster(CVE-2020-35… · ClusterLabs/crmsh@c538024 · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/ClusterLabs/hawk/releases","name":"https://github.com/ClusterLabs/hawk/releases","refsource":"MISC","tags":[],"title":"Releases · ClusterLabs/hawk · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-3020","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3020","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"3020","vulnerable":"1","versionEndIncluding":"2.3.0-15","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"clusterlabs","cpe5":"hawk","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-3020","qid":"750318","title":"OpenSUSE Security Update for crmsh (openSUSE-SU-2021:0410-1)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2021-3020","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in ClusterLabs Hawk (aka HA Web Konsole) through 2.3.0-15. It ships the binary hawk_invoke (built from tools/hawk_invoke.c), intended to be used as a setuid program. This allows the hacluster user to invoke certain commands as root (with an attempt to limit this to safe combinations). This user is able to execute an interactive \"shell\" that isn't limited to the commands specified in hawk_invoke, allowing escalation to root."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://github.com/ClusterLabs/hawk/releases","refsource":"MISC","name":"https://github.com/ClusterLabs/hawk/releases"},{"url":"https://bugzilla.suse.com/show_bug.cgi?id=1180571","refsource":"MISC","name":"https://bugzilla.suse.com/show_bug.cgi?id=1180571"},{"refsource":"MISC","name":"https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82","url":"https://github.com/ClusterLabs/crmsh/commit/c538024b8ebd138dc373b005189471d9b77e9c82"}]}},"nvd":{"publishedDate":"2022-08-26 00:15:00","lastModifiedDate":"2023-08-08 14:22:00","problem_types":["CWE-269"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:clusterlabs:hawk:*:*:*:*:*:*:*:*","versionEndIncluding":"2.3.0-15","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"3020","Ordinal":"196967","Title":"CVE-2021-3020","CVE":"CVE-2021-3020","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"3020","Ordinal":"1","NoteData":"** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.","Type":"Description","Title":null}]}}}