{"id":"CVE-2021-31998","details":"A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2.","modified":"2026-03-14T10:56:20.721911Z","published":"2021-06-10T12:15:08.920Z","related":["SUSE-SU-2021:14750-1","openSUSE-SU-2021:0830-1","openSUSE-SU-2021:0845-1"],"references":[{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=1182321"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.4.2-170.21.3.1"}]},{"events":[{"introduced":"0"},{"fixed":"2.6.2"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-31998.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}