Missing Authentication for Critical Function in SUSE Longhorn: Unauthenticated Execution of Binaries

Missing Authentication for Critical Function in SUSE Longhorn: Unauthenticated Execution of Binaries

CVE-2021-36779 · CRITICAL Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions prior to 1.2.3.

Learn more about our Cis Benchmark Audit For Suse Linux Enterprise Server.