CWE-59
AllowedImproper Link Resolution Before File Access ('Link Following')
Abstraction: Base · Status: Draft
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
1990 vulnerabilities reference this CWE, most recent first.
CVE-2020-5738 (GCVE-0-2020-5738)
Vulnerability from cvelistv5 – Published: 2020-04-14 13:48 – Updated: 2024-08-04 08:39| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2020-22 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Grandstream GXP1600 Series |
Affected:
1.0.4.152 and below
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.629Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2020-22"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Grandstream GXP1600 Series",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "1.0.4.152 and below"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/upload_vpntar interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-14T13:48:44.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2020-22"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2020-5738",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Grandstream GXP1600 Series",
"version": {
"version_data": [
{
"version_value": "1.0.4.152 and below"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/upload_vpntar interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2020-22",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2020-22"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2020-5738",
"datePublished": "2020-04-14T13:48:44.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.629Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3437 (GCVE-0-2020-3437)
Vulnerability from cvelistv5 – Published: 2020-07-16 17:22 – Updated: 2024-11-13 18:19| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
| http://packetstormsecurity.com/files/162958/Cisco… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco SD-WAN vManage |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:53.976Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200715 Cisco SD-WAN vManage Software Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanwebid-5QWMcCvt"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162958/Cisco-SD-WAN-vManage-19.2.2-Remote-Root.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3437",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:25:13.106189Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:19:17.447Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco SD-WAN vManage",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-07-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker could exploit this vulnerability by creating a specific file reference on the filesystem and then accessing it through the web-based management interface. A successful exploit could allow the attacker to read arbitrary files from the filesystem of the underlying operating system."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-03T17:06:18.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200715 Cisco SD-WAN vManage Software Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanwebid-5QWMcCvt"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162958/Cisco-SD-WAN-vManage-19.2.2-Remote-Root.html"
}
],
"source": {
"advisory": "cisco-sa-vmanwebid-5QWMcCvt",
"defect": [
[
"CSCvt65026"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco SD-WAN vManage Software Information Disclosure Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-07-15T16:00:00",
"ID": "CVE-2020-3437",
"STATE": "PUBLIC",
"TITLE": "Cisco SD-WAN vManage Software Information Disclosure Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco SD-WAN vManage",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker could exploit this vulnerability by creating a specific file reference on the filesystem and then accessing it through the web-based management interface. A successful exploit could allow the attacker to read arbitrary files from the filesystem of the underlying operating system."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200715 Cisco SD-WAN vManage Software Information Disclosure Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanwebid-5QWMcCvt"
},
{
"name": "http://packetstormsecurity.com/files/162958/Cisco-SD-WAN-vManage-19.2.2-Remote-Root.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162958/Cisco-SD-WAN-vManage-19.2.2-Remote-Root.html"
}
]
},
"source": {
"advisory": "cisco-sa-vmanwebid-5QWMcCvt",
"defect": [
[
"CSCvt65026"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3437",
"datePublished": "2020-07-16T17:22:33.436Z",
"dateReserved": "2019-12-12T00:00:00.000Z",
"dateUpdated": "2024-11-13T18:19:17.447Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3432 (GCVE-0-2020-3432)
Vulnerability from cvelistv5 – Published: 2025-02-11 23:56 – Updated: 2025-02-26 18:00- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco Secure Client |
Affected:
N/A
|
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2020-3432",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-12T15:03:38.132125Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-26T18:00:06.405Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Secure Client",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "N/A"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the uninstaller component of Cisco AnyConnect Secure Mobility Client for Mac OS could allow an authenticated, local attacker to corrupt the content of any file in the filesystem.\r\nThe vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a symbolic link (symlink) to a target file on a specific path. A successful exploit could allow the attacker to corrupt the contents of the file. If the file is a critical systems file, the exploit could lead to a denial of service condition. To exploit this vulnerability, the attacker would need to have valid credentials on the system.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H/E:X/RL:X/RC:X",
"version": "3.0"
},
"format": "cvssV3_0"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-24T15:17:09.212Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-anyconnect-mac-dos-36s2y3Lv",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-mac-dos-36s2y3Lv"
}
],
"source": {
"advisory": "cisco-sa-anyconnect-mac-dos-36s2y3Lv",
"defects": [
"CSCvt78191"
],
"discovery": "EXTERNAL"
},
"title": "Cisco AnyConnect Secure Mobility Client for Mac OS File Corruption Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3432",
"datePublished": "2025-02-11T23:56:34.113Z",
"dateReserved": "2019-12-12T00:00:00.000Z",
"dateUpdated": "2025-02-26T18:00:06.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3237 (GCVE-0-2020-3237)
Vulnerability from cvelistv5 – Published: 2020-06-03 17:55 – Updated: 2024-11-15 17:11| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:58.157Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200603 Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-caf-file-mVnPqKW9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3237",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:24:07.937834Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:11:36.744Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOx",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could exploit this vulnerability by including a crafted file in an application package. An exploit could allow the attacker to overwrite files."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-03T17:55:58.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200603 Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-caf-file-mVnPqKW9"
}
],
"source": {
"advisory": "cisco-sa-caf-file-mVnPqKW9",
"defect": [
[
"CSCvr30027"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-06-03T16:00:00",
"ID": "CVE-2020-3237",
"STATE": "PUBLIC",
"TITLE": "Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOx",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Cisco Application Framework component of the Cisco IOx application environment could allow an authenticated, local attacker to overwrite arbitrary files in the virtual instance that is running on the affected device. The vulnerability is due to insufficient path restriction enforcement. An attacker could exploit this vulnerability by including a crafted file in an application package. An exploit could allow the attacker to overwrite files."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.3",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200603 Cisco IOx Application Framework Arbitrary File Overwrite Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-caf-file-mVnPqKW9"
}
]
},
"source": {
"advisory": "cisco-sa-caf-file-mVnPqKW9",
"defect": [
[
"CSCvr30027"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3237",
"datePublished": "2020-06-03T17:55:59.024Z",
"dateReserved": "2019-12-12T00:00:00.000Z",
"dateUpdated": "2024-11-15T17:11:36.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3223 (GCVE-0-2020-3223)
Vulnerability from cvelistv5 – Published: 2020-06-03 17:41 – Updated: 2024-11-15 17:15| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco IOS XE Software 16.9.4 |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:57.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200603 Cisco IOS XE Software Web UI Arbitrary File Read Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-filerd-HngnDYGk"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:28:11.725864Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:15:25.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software 16.9.4",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker could exploit this vulnerability by creating a specific file reference on the filesystem and then accessing it through the web UI. An exploit could allow the attacker to read arbitrary files from the underlying operating system\u0027s filesystem."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-03T17:41:55.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200603 Cisco IOS XE Software Web UI Arbitrary File Read Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-filerd-HngnDYGk"
}
],
"source": {
"advisory": "cisco-sa-webui-filerd-HngnDYGk",
"defect": [
[
"CSCvq90852"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE Software Web UI Arbitrary File Read Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-06-03T16:00:00",
"ID": "CVE-2020-3223",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software Web UI Arbitrary File Read Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software 16.9.4",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker could exploit this vulnerability by creating a specific file reference on the filesystem and then accessing it through the web UI. An exploit could allow the attacker to read arbitrary files from the underlying operating system\u0027s filesystem."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200603 Cisco IOS XE Software Web UI Arbitrary File Read Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-filerd-HngnDYGk"
}
]
},
"source": {
"advisory": "cisco-sa-webui-filerd-HngnDYGk",
"defect": [
[
"CSCvq90852"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3223",
"datePublished": "2020-06-03T17:41:55.670Z",
"dateReserved": "2019-12-12T00:00:00.000Z",
"dateUpdated": "2024-11-15T17:15:25.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2026 (GCVE-0-2020-2026)
Vulnerability from cvelistv5 – Published: 2020-06-10 17:27 – Updated: 2024-09-16 19:35- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://github.com/kata-containers/runtime/releas… | x_refsource_MISC |
| https://github.com/kata-containers/runtime/releas… | x_refsource_MISC |
| https://github.com/kata-containers/runtime/issues/2712 | x_refsource_MISC |
| https://github.com/kata-containers/runtime/pull/2713 | x_refsource_MISC |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| Vendor | Product | Version | |
|---|---|---|---|
| Kata Containers | Kata Containers |
Affected:
1.11 , < 1.11.1
(custom)
Affected: 1.10 , < 1.10.5 (custom) Affected: 1 , ≤ 1.9 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/issues/2712"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/pull/2713"
},
{
"name": "FEDORA-2020-7a0b6071a4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
},
{
"name": "FEDORA-2020-2f5879aeb6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
},
{
"name": "FEDORA-2020-c33083813d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
},
{
"name": "FEDORA-2020-1af9cd8c87",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
},
{
"name": "FEDORA-2020-61fcf3ffc7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
},
{
"name": "FEDORA-2020-15a1bde727",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kata Containers",
"vendor": "Kata Containers",
"versions": [
{
"lessThan": "1.11.1",
"status": "affected",
"version": "1.11",
"versionType": "custom"
},
{
"lessThan": "1.10.5",
"status": "affected",
"version": "1.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.9",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Affects QEMU and Cloud Hypervisor based guests."
}
],
"credits": [
{
"lang": "en",
"value": "Yuval Avrahami, Palo Alto Networks"
}
],
"datePublic": "2020-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T03:06:14.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/issues/2712"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/pull/2713"
},
{
"name": "FEDORA-2020-7a0b6071a4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
},
{
"name": "FEDORA-2020-2f5879aeb6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
},
{
"name": "FEDORA-2020-c33083813d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
},
{
"name": "FEDORA-2020-1af9cd8c87",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
},
{
"name": "FEDORA-2020-61fcf3ffc7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
},
{
"name": "FEDORA-2020-15a1bde727",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-06-10T16:00:00.000Z",
"ID": "CVE-2020-2026",
"STATE": "PUBLIC",
"TITLE": "Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kata Containers",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.11",
"version_value": "1.11.1"
},
{
"version_affected": "\u003c",
"version_name": "1.10",
"version_value": "1.10.5"
},
{
"version_affected": "\u003c=",
"version_name": "1",
"version_value": "1.9"
}
]
}
}
]
},
"vendor_name": "Kata Containers"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "Affects QEMU and Cloud Hypervisor based guests."
}
],
"credit": [
{
"lang": "eng",
"value": "Yuval Avrahami, Palo Alto Networks"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/kata-containers/runtime/releases/tag/1.11.1",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
},
{
"name": "https://github.com/kata-containers/runtime/releases/tag/1.10.5",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
},
{
"name": "https://github.com/kata-containers/runtime/issues/2712",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/issues/2712"
},
{
"name": "https://github.com/kata-containers/runtime/pull/2713",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/pull/2713"
},
{
"name": "FEDORA-2020-7a0b6071a4",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
},
{
"name": "FEDORA-2020-2f5879aeb6",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
},
{
"name": "FEDORA-2020-c33083813d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
},
{
"name": "FEDORA-2020-1af9cd8c87",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
},
{
"name": "FEDORA-2020-61fcf3ffc7",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
},
{
"name": "FEDORA-2020-15a1bde727",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-2026",
"datePublished": "2020-06-10T17:27:46.151Z",
"dateReserved": "2019-12-04T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:35:42.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2024 (GCVE-0-2020-2024)
Vulnerability from cvelistv5 – Published: 2020-05-19 21:05 – Updated: 2024-09-17 01:01- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://github.com/kata-containers/runtime/issues/2474 | x_refsource_MISC |
| https://github.com/kata-containers/runtime/pull/2475 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kata Containers | Kata Containers |
Affected:
unspecified , < 1.11.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/issues/2474"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/pull/2475"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kata Containers",
"vendor": "Kata Containers",
"versions": [
{
"lessThan": "1.11.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Affects QEMU and Cloud Hypervisor guests on the default configuration."
}
],
"credits": [
{
"lang": "en",
"value": "Yuval Avrahami, Palo Alto Networks"
}
],
"datePublic": "2020-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-19T21:05:19.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/issues/2474"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/pull/2475"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-05-19T16:00:00.000Z",
"ID": "CVE-2020-2024",
"STATE": "PUBLIC",
"TITLE": "Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kata Containers",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.11.0"
}
]
}
}
]
},
"vendor_name": "Kata Containers"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "Affects QEMU and Cloud Hypervisor guests on the default configuration."
}
],
"credit": [
{
"lang": "eng",
"value": "Yuval Avrahami, Palo Alto Networks"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/kata-containers/runtime/issues/2474",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/issues/2474"
},
{
"name": "https://github.com/kata-containers/runtime/pull/2475",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/pull/2475"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-2024",
"datePublished": "2020-05-19T21:05:19.715Z",
"dateReserved": "2019-12-04T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:01:22.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18901 (GCVE-0-2019-18901)
Vulnerability from cvelistv5 – Published: 2020-03-02 16:10 – Updated: 2024-09-17 01:16- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.suse.com/show_bug.cgi?id=1160895 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server 12 |
Affected:
mariadb , < 10.2.31-3.25.1
(custom)
|
|
| SUSE | SUSE Linux Enterprise Server 15 |
Affected:
mariadb , < 10.2.31-3.26.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2020:0289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1160895"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SUSE Linux Enterprise Server 12",
"vendor": "SUSE",
"versions": [
{
"lessThan": "10.2.31-3.25.1",
"status": "affected",
"version": "mariadb",
"versionType": "custom"
}
]
},
{
"product": "SUSE Linux Enterprise Server 15",
"vendor": "SUSE",
"versions": [
{
"lessThan": "10.2.31-3.26.1",
"status": "affected",
"version": "mariadb",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Matthias Gerstner"
}
],
"datePublic": "2020-02-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-20T15:45:08.000Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"name": "openSUSE-SU-2020:0289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1160895"
}
],
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1160895",
"defect": [
"1160895"
],
"discovery": "INTERNAL"
},
"title": "mysql-systemd-helper allows setting 640 permissions of arbitrary files",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2020-02-05T00:00:00.000Z",
"ID": "CVE-2019-18901",
"STATE": "PUBLIC",
"TITLE": "mysql-systemd-helper allows setting 640 permissions of arbitrary files"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SUSE Linux Enterprise Server 12",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "mariadb",
"version_value": "10.2.31-3.25.1"
}
]
}
},
{
"product_name": "SUSE Linux Enterprise Server 15",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "mariadb",
"version_value": "10.2.31-3.26.1"
}
]
}
}
]
},
"vendor_name": "SUSE"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Matthias Gerstner"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2020:0289",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1160895",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1160895"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1160895",
"defect": [
"1160895"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2019-18901",
"datePublished": "2020-03-02T16:10:13.772Z",
"dateReserved": "2019-11-12T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:16:43.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18898 (GCVE-0-2019-18898)
Vulnerability from cvelistv5 – Published: 2020-01-23 14:05 – Updated: 2024-09-16 18:24- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.suse.com/show_bug.cgi?id=1157651 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server 15 SP1 |
Affected:
trousers , < 0.3.14-6.3.1
(custom)
|
|
| openSUSE | Factory |
Affected:
trousers , < 0.3.14-7.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2020:0744",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00066.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157651"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SUSE Linux Enterprise Server 15 SP1",
"vendor": "SUSE",
"versions": [
{
"lessThan": "0.3.14-6.3.1",
"status": "affected",
"version": "trousers",
"versionType": "custom"
}
]
},
{
"product": "Factory",
"vendor": "openSUSE",
"versions": [
{
"lessThan": "0.3.14-7.1",
"status": "affected",
"version": "trousers",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Johannes Segitz from SUSE"
}
],
"datePublic": "2019-11-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-20T15:45:08.000Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"name": "openSUSE-SU-2020:0744",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00066.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157651"
}
],
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157651",
"defect": [
"1157651"
],
"discovery": "INTERNAL"
},
"title": "trousers: Local privilege escalation from tss to root",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2019-11-26T00:00:00.000Z",
"ID": "CVE-2019-18898",
"STATE": "PUBLIC",
"TITLE": "trousers: Local privilege escalation from tss to root"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SUSE Linux Enterprise Server 15 SP1",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "trousers",
"version_value": "0.3.14-6.3.1"
}
]
}
}
]
},
"vendor_name": "SUSE"
},
{
"product": {
"product_data": [
{
"product_name": "Factory",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "trousers",
"version_value": "0.3.14-7.1"
}
]
}
}
]
},
"vendor_name": "openSUSE"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Johannes Segitz from SUSE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2020:0744",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00066.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1157651",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157651"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157651",
"defect": [
"1157651"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2019-18898",
"datePublished": "2020-01-23T14:05:14.446Z",
"dateReserved": "2019-11-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:24:53.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18897 (GCVE-0-2019-18897)
Vulnerability from cvelistv5 – Published: 2020-03-02 15:20 – Updated: 2024-09-17 01:21- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.suse.com/show_bug.cgi?id=1157465 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server 12 |
Affected:
salt-master , ≤ 2019.2.0-46.83.1
(custom)
|
|
| SUSE | SUSE Linux Enterprise Server 15 |
Affected:
salt-master , ≤ 2019.2.0-6.21.1
(custom)
|
|
| openSUSE | Factory |
Affected:
salt-master , ≤ 2019.2.2-3.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.827Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2020:0357",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157465"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SUSE Linux Enterprise Server 12",
"vendor": "SUSE",
"versions": [
{
"lessThanOrEqual": "2019.2.0-46.83.1",
"status": "affected",
"version": "salt-master",
"versionType": "custom"
}
]
},
{
"product": "SUSE Linux Enterprise Server 15",
"vendor": "SUSE",
"versions": [
{
"lessThanOrEqual": "2019.2.0-6.21.1",
"status": "affected",
"version": "salt-master",
"versionType": "custom"
}
]
},
{
"product": "Factory",
"vendor": "openSUSE",
"versions": [
{
"lessThanOrEqual": "2019.2.2-3.1",
"status": "affected",
"version": "salt-master",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Johannes Segitz"
}
],
"datePublic": "2020-02-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-20T15:45:08.000Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"name": "openSUSE-SU-2020:0357",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157465"
}
],
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157465",
"defect": [
"1157465"
],
"discovery": "INTERNAL"
},
"title": "Local privilege escalation from user salt to root",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2020-02-24T00:00:00.000Z",
"ID": "CVE-2019-18897",
"STATE": "PUBLIC",
"TITLE": "Local privilege escalation from user salt to root"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SUSE Linux Enterprise Server 12",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "salt-master",
"version_value": "2019.2.0-46.83.1"
}
]
}
},
{
"product_name": "SUSE Linux Enterprise Server 15",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "salt-master",
"version_value": "2019.2.0-6.21.1"
}
]
}
}
]
},
"vendor_name": "SUSE"
},
{
"product": {
"product_data": [
{
"product_name": "Factory",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "salt-master",
"version_value": "2019.2.2-3.1"
}
]
}
}
]
},
"vendor_name": "openSUSE"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Johannes Segitz"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2020:0357",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1157465",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157465"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157465",
"defect": [
"1157465"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2019-18897",
"datePublished": "2020-03-02T15:20:27.294Z",
"dateReserved": "2019-11-12T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:21:20.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-48.1
Strategy: Separation of Privilege
- Follow the principle of least privilege when assigning access rights to entities in a software system.
- Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
CAPEC-132: Symlink Attack
An adversary positions a symbolic link in such a manner that the targeted user or application accesses the link's endpoint, assuming that it is accessing a file with the link's name.
CAPEC-17: Using Malicious Files
An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell access; or in a possible worst case allows an adversary to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
CAPEC-35: Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.
CAPEC-76: Manipulating Web Input to File System Calls
An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.