CWE-59
AllowedImproper Link Resolution Before File Access ('Link Following')
Abstraction: Base · Status: Draft
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
1990 vulnerabilities reference this CWE, most recent first.
CVE-2019-3691 (GCVE-0-2019-3691)
Vulnerability from cvelistv5 – Published: 2020-01-23 16:00 – Updated: 2024-09-16 22:15- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://bugzilla.suse.com/show_bug.cgi?id=1155075 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server 15 |
Affected:
munge , < 0.5.13-4.3.1
(custom)
|
|
| openSUSE | Factory |
Affected:
munge , < 0.5.13-6.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:16.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1155075"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SUSE Linux Enterprise Server 15",
"vendor": "SUSE",
"versions": [
{
"lessThan": "0.5.13-4.3.1",
"status": "affected",
"version": "munge",
"versionType": "custom"
}
]
},
{
"product": "Factory",
"vendor": "openSUSE",
"versions": [
{
"lessThan": "0.5.13-6.1",
"status": "affected",
"version": "munge",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Johannes Segitz from SUSE"
}
],
"datePublic": "2019-12-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. This issue affects: SUSE Linux Enterprise Server 15 munge versions prior to 0.5.13-4.3.1. openSUSE Factory munge versions prior to 0.5.13-6.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-20T15:45:08.000Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1155075"
}
],
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1155075",
"defect": [
"1155075"
],
"discovery": "INTERNAL"
},
"title": "Local privilege escalation from user munge to root",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2019-12-05T00:00:00.000Z",
"ID": "CVE-2019-3691",
"STATE": "PUBLIC",
"TITLE": "Local privilege escalation from user munge to root"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SUSE Linux Enterprise Server 15",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "munge",
"version_value": "0.5.13-4.3.1"
}
]
}
}
]
},
"vendor_name": "SUSE"
},
{
"product": {
"product_data": [
{
"product_name": "Factory",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "munge",
"version_value": "0.5.13-6.1"
}
]
}
}
]
},
"vendor_name": "openSUSE"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Johannes Segitz from SUSE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. This issue affects: SUSE Linux Enterprise Server 15 munge versions prior to 0.5.13-4.3.1. openSUSE Factory munge versions prior to 0.5.13-6.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1155075",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1155075"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1155075",
"defect": [
"1155075"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2019-3691",
"datePublished": "2020-01-23T16:00:20.042Z",
"dateReserved": "2019-01-03T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:15:11.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3690 (GCVE-0-2019-3690)
Vulnerability from cvelistv5 – Published: 2019-12-05 15:30 – Updated: 2024-09-16 16:38- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.suse.com/show_bug.cgi?id=1150734 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| SUSE | permissions |
Affected:
unspecified , < a9e1d26cd49ef9ee0c2060c859321128a6dd4230
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:19:16.801Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2019:2672",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1150734"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "permissions",
"vendor": "SUSE",
"versions": [
{
"lessThan": "a9e1d26cd49ef9ee0c2060c859321128a6dd4230",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Malte Kraus of SUSE"
}
],
"datePublic": "2019-12-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-20T15:45:08.000Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"name": "openSUSE-SU-2019:2672",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1150734"
}
],
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1150734",
"defect": [
"1150733"
],
"discovery": "INTERNAL"
},
"title": "chkstat follows untrusted symbolic links",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2019-12-05",
"ID": "CVE-2019-3690",
"STATE": "PUBLIC",
"TITLE": "chkstat follows untrusted symbolic links"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "permissions",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "a9e1d26cd49ef9ee0c2060c859321128a6dd4230"
}
]
}
}
]
},
"vendor_name": "SUSE"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Malte Kraus of SUSE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2019:2672",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00024.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1150734",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1150734"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1150734",
"defect": [
"1150733"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2019-3690",
"datePublished": "2019-12-05T15:30:15.557Z",
"dateReserved": "2019-01-03T00:00:00.000Z",
"dateUpdated": "2024-09-16T16:38:49.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-14651 (GCVE-0-2018-14651)
Vulnerability from cvelistv5 – Published: 2018-10-31 21:00 – Updated: 2024-08-05 09:38| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2018:3431 | vendor-advisoryx_refsource_REDHAT |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://access.redhat.com/errata/RHSA-2018:3432 | vendor-advisoryx_refsource_REDHAT |
| https://security.gentoo.org/glsa/201904-06 | vendor-advisoryx_refsource_GENTOO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:12.621Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14651"
},
{
"name": "RHSA-2018:3431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3431"
},
{
"name": "[debian-lts-announce] 20181105 [SECURITY] [DLA 1565-1] glusterfs security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00003.html"
},
{
"name": "RHSA-2018:3432",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3432"
},
{
"name": "GLSA-201904-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-06"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "glusterfs",
"vendor": "[UNKNOWN]",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-10-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes via symlinks to relative paths."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-02T06:06:05.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14651"
},
{
"name": "RHSA-2018:3431",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3431"
},
{
"name": "[debian-lts-announce] 20181105 [SECURITY] [DLA 1565-1] glusterfs security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/11/msg00003.html"
},
{
"name": "RHSA-2018:3432",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3432"
},
{
"name": "GLSA-201904-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-06"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-14651",
"datePublished": "2018-10-31T21:00:00.000Z",
"dateReserved": "2018-07-27T00:00:00.000Z",
"dateUpdated": "2024-08-05T09:38:12.621Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10928 (GCVE-0-2018-10928)
Vulnerability from cvelistv5 – Published: 2018-09-04 15:00 – Updated: 2024-08-05 07:54| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2018:2607 | vendor-advisoryx_refsource_REDHAT |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
| https://access.redhat.com/errata/RHSA-2018:2608 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:3470 | vendor-advisoryx_refsource_REDHAT |
| https://security.gentoo.org/glsa/201904-06 | vendor-advisoryx_refsource_GENTOO |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://lists.debian.org/debian-lts-announce/2021… | mailing-listx_refsource_MLIST |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:54:36.029Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10928"
},
{
"name": "RHSA-2018:2607",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2607"
},
{
"name": "[debian-lts-announce] 20180920 [SECURITY] [DLA 1510-1] glusterfs security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html"
},
{
"name": "RHSA-2018:2608",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2608"
},
{
"name": "RHSA-2018:3470",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3470"
},
{
"name": "GLSA-201904-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201904-06"
},
{
"name": "openSUSE-SU-2020:0079",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html"
},
{
"name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "glusterfs",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-11-02T02:06:16.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10928"
},
{
"name": "RHSA-2018:2607",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2607"
},
{
"name": "[debian-lts-announce] 20180920 [SECURITY] [DLA 1510-1] glusterfs security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html"
},
{
"name": "RHSA-2018:2608",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2608"
},
{
"name": "RHSA-2018:3470",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3470"
},
{
"name": "GLSA-201904-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201904-06"
},
{
"name": "openSUSE-SU-2020:0079",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html"
},
{
"name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2018-10928",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "glusterfs",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "8.8/CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10928",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10928"
},
{
"name": "RHSA-2018:2607",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2607"
},
{
"name": "[debian-lts-announce] 20180920 [SECURITY] [DLA 1510-1] glusterfs security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00021.html"
},
{
"name": "RHSA-2018:2608",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2608"
},
{
"name": "RHSA-2018:3470",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3470"
},
{
"name": "GLSA-201904-06",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201904-06"
},
{
"name": "openSUSE-SU-2020:0079",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00035.html"
},
{
"name": "[debian-lts-announce] 20211101 [SECURITY] [DLA 2806-1] glusterfs security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2021/11/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-10928",
"datePublished": "2018-09-04T15:00:00.000Z",
"dateReserved": "2018-05-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:54:36.029Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-10897 (GCVE-0-2018-10897)
Vulnerability from cvelistv5 – Published: 2018-08-01 17:00 – Updated: 2024-08-05 07:54| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1041594 | vdb-entryx_refsource_SECTRACK |
| https://access.redhat.com/errata/RHSA-2018:2285 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:2284 | vendor-advisoryx_refsource_REDHAT |
| https://github.com/rpm-software-management/yum-ut… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2018:2626 | vendor-advisoryx_refsource_REDHAT |
| https://github.com/rpm-software-management/yum-ut… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_CONFIRM |
| https://help.ecostruxureit.com/display/public/UAD… | x_refsource_CONFIRM |
| https://github.com/rpm-software-management/yum-ut… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| The RPM Project | yum-utils: |
Affected:
1.1.31
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T07:54:34.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1041594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041594"
},
{
"name": "RHSA-2018:2285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2285"
},
{
"name": "RHSA-2018:2284",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2284"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rpm-software-management/yum-utils/commit/6a8de061f8fdc885e74ebe8c94625bf53643b71c"
},
{
"name": "RHSA-2018:2626",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2626"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rpm-software-management/yum-utils/commit/7554c0133eb830a71dc01846037cc047d0acbc2c"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10897"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/rpm-software-management/yum-utils/pull/43"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "yum-utils:",
"vendor": "The RPM Project",
"versions": [
{
"status": "affected",
"version": "1.1.31"
}
]
}
],
"datePublic": "2018-07-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A directory traversal issue was found in reposync, a part of yum-utils, where reposync fails to sanitize paths in remote repository configuration files. If an attacker controls a repository, they may be able to copy files outside of the destination directory on the targeted system via path traversal. If reposync is running with heightened privileges on a targeted system, this flaw could potentially result in system compromise via the overwriting of critical system files. Version 1.1.31 and older are believed to be affected."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-30T20:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "1041594",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041594"
},
{
"name": "RHSA-2018:2285",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2285"
},
{
"name": "RHSA-2018:2284",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2284"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rpm-software-management/yum-utils/commit/6a8de061f8fdc885e74ebe8c94625bf53643b71c"
},
{
"name": "RHSA-2018:2626",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2626"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rpm-software-management/yum-utils/commit/7554c0133eb830a71dc01846037cc047d0acbc2c"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10897"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rpm-software-management/yum-utils/pull/43"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-10897",
"datePublished": "2018-08-01T17:00:00.000Z",
"dateReserved": "2018-05-09T00:00:00.000Z",
"dateUpdated": "2024-08-05T07:54:34.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-1063 (GCVE-0-2018-1063)
Vulnerability from cvelistv5 – Published: 2018-03-02 15:00 – Updated: 2024-08-05 03:51- CWE-59 - >CWE-282
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1550122 | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2018:0913 | vendor-advisoryx_refsource_REDHAT |
| Vendor | Product | Version | |
|---|---|---|---|
| SELinux Project | policycoreutils |
Affected:
2.5-11 and newer
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:51:47.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550122"
},
{
"name": "RHSA-2018:0913",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0913"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "policycoreutils",
"vendor": "SELinux Project",
"versions": [
{
"status": "affected",
"version": "2.5-11 and newer"
}
]
}
],
"datePublic": "2018-02-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions. This only happens when the relabeling process is done, usually when taking SELinux state from disabled to enable (permissive or enforcing). The issue was found in policycoreutils 2.5-11."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59-\u003eCWE-282",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-11T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1550122"
},
{
"name": "RHSA-2018:0913",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0913"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2018-1063",
"datePublished": "2018-03-02T15:00:00.000Z",
"dateReserved": "2017-12-04T00:00:00.000Z",
"dateUpdated": "2024-08-05T03:51:47.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-15097 (GCVE-0-2017-15097)
Vulnerability from cvelistv5 – Published: 2018-07-27 20:00 – Updated: 2024-08-05 19:50| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2017:3402 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:3403 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:3405 | vendor-advisoryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1039983 | vdb-entryx_refsource_SECTRACK |
| https://access.redhat.com/errata/RHSA-2017:3404 | vendor-advisoryx_refsource_REDHAT |
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat | postgresql init script |
Affected:
all
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T19:50:16.051Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:3402",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3402"
},
{
"name": "RHSA-2017:3403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3403"
},
{
"name": "RHSA-2017:3405",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3405"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15097"
},
{
"name": "1039983",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039983"
},
{
"name": "RHSA-2017:3404",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3404"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "postgresql init script",
"vendor": "Red Hat",
"versions": [
{
"status": "affected",
"version": "all"
}
]
}
],
"datePublic": "2018-07-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-28T09:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:3402",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3402"
},
{
"name": "RHSA-2017:3403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3403"
},
{
"name": "RHSA-2017:3405",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3405"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15097"
},
{
"name": "1039983",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039983"
},
{
"name": "RHSA-2017:3404",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3404"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-15097",
"datePublished": "2018-07-27T20:00:00.000Z",
"dateReserved": "2017-10-08T00:00:00.000Z",
"dateUpdated": "2024-08-05T19:50:16.051Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12258 (GCVE-0-2017-12258)
Vulnerability from cvelistv5 – Published: 2017-10-05 07:00 – Updated: 2024-08-05 18:28| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/101172 | vdb-entryx_refsource_BID |
| http://www.securitytracker.com/id/1039505 | vdb-entryx_refsource_SECTRACK |
| https://tools.cisco.com/security/center/content/C… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Cisco Unified Communications Manager |
Affected:
Cisco Unified Communications Manager
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101172",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101172"
},
{
"name": "1039505",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039505"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-ucm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Unified Communications Manager",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Unified Communications Manager"
}
]
}
],
"datePublic": "2017-10-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML inline frames (iframes). An attacker could exploit this vulnerability by directing a user of the affected software to an attacker-controlled web page that contains a malicious HTML inline frame. A successful exploit could allow the attacker to conduct click-jacking or other types of client-side browser attacks. Cisco Bug IDs: CSCve60993."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-06T09:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "101172",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101172"
},
{
"name": "1039505",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039505"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-ucm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-12258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Unified Communications Manager",
"version": {
"version_data": [
{
"version_value": "Cisco Unified Communications Manager"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based UI of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to execute a cross-frame scripting (XFS) attack. The vulnerability exists because the affected software does not provide sufficient protections for HTML inline frames (iframes). An attacker could exploit this vulnerability by directing a user of the affected software to an attacker-controlled web page that contains a malicious HTML inline frame. A successful exploit could allow the attacker to conduct click-jacking or other types of client-side browser attacks. Cisco Bug IDs: CSCve60993."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101172",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101172"
},
{
"name": "1039505",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039505"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-ucm",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-ucm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-12258",
"datePublished": "2017-10-05T07:00:00.000Z",
"dateReserved": "2017-08-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T18:28:16.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-12172 (GCVE-0-2017-12172)
Vulnerability from cvelistv5 – Published: 2017-11-22 19:00 – Updated: 2024-09-16 22:20| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2017:3402 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/101949 | vdb-entryx_refsource_BID |
| https://access.redhat.com/errata/RHSA-2017:3403 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:3405 | vendor-advisoryx_refsource_REDHAT |
| https://www.postgresql.org/support/security/ | x_refsource_MISC |
| http://www.securitytracker.com/id/1039752 | vdb-entryx_refsource_SECTRACK |
| https://www.postgresql.org/about/news/1801/ | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2017:3404 | vendor-advisoryx_refsource_REDHAT |
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat, Inc. | postgresql |
Affected:
10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, 9.2.x before 9.2.24
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:3402",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3402"
},
{
"name": "101949",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101949"
},
{
"name": "RHSA-2017:3403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3403"
},
{
"name": "RHSA-2017:3405",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3405"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.postgresql.org/support/security/"
},
{
"name": "1039752",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039752"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.postgresql.org/about/news/1801/"
},
{
"name": "RHSA-2017:3404",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3404"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "postgresql",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, 9.2.x before 9.2.24"
}
]
}
],
"datePublic": "2017-11-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-08T10:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2017:3402",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3402"
},
{
"name": "101949",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101949"
},
{
"name": "RHSA-2017:3403",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3403"
},
{
"name": "RHSA-2017:3405",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3405"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.postgresql.org/support/security/"
},
{
"name": "1039752",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039752"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.postgresql.org/about/news/1801/"
},
{
"name": "RHSA-2017:3404",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3404"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-11-09T00:00:00",
"ID": "CVE-2017-12172",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "postgresql",
"version": {
"version_data": [
{
"version_value": "10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, 9.2.x before 9.2.24"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a non-root operating system account, and database superusers have effective ability to run arbitrary code under that system account. PostgreSQL provides a script for starting the database server during system boot. Packages of PostgreSQL for many operating systems provide their own, packager-authored startup implementations. Several implementations use a log file name that the database superuser can replace with a symbolic link. As root, they open(), chmod() and/or chown() this log file name. This often suffices for the database superuser to escalate to root privileges when root starts the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:3402",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3402"
},
{
"name": "101949",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101949"
},
{
"name": "RHSA-2017:3403",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3403"
},
{
"name": "RHSA-2017:3405",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3405"
},
{
"name": "https://www.postgresql.org/support/security/",
"refsource": "MISC",
"url": "https://www.postgresql.org/support/security/"
},
{
"name": "1039752",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039752"
},
{
"name": "https://www.postgresql.org/about/news/1801/",
"refsource": "CONFIRM",
"url": "https://www.postgresql.org/about/news/1801/"
},
{
"name": "RHSA-2017:3404",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3404"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-12172",
"datePublished": "2017-11-22T19:00:00.000Z",
"dateReserved": "2017-08-01T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:20:22.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-7501 (GCVE-0-2017-7501)
Vulnerability from cvelistv5 – Published: 2017-11-22 22:00 – Updated: 2024-09-17 00:02| URL | Tags |
|---|---|
| https://security.gentoo.org/glsa/201811-22 | vendor-advisoryx_refsource_GENTOO |
| https://github.com/rpm-software-management/rpm/co… | x_refsource_MISC |
| https://lists.apache.org/thread.html/rf4c02775860… | mailing-listx_refsource_MLIST |
| https://lists.apache.org/thread.html/r58af02e294b… | mailing-listx_refsource_MLIST |
| Vendor | Product | Version | |
|---|---|---|---|
| Red Hat, Inc. | rpm |
Affected:
before 4.13.0.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:04:11.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201811-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "rpm",
"vendor": "Red Hat, Inc.",
"versions": [
{
"status": "affected",
"version": "before 4.13.0.2"
}
]
}
],
"datePublic": "2017-05-18T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-29T14:06:43.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "GLSA-201811-22",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"DATE_PUBLIC": "2017-05-18T00:00:00",
"ID": "CVE-2017-7501",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "rpm",
"version": {
"version_data": [
{
"version_value": "before 4.13.0.2"
}
]
}
}
]
},
"vendor_name": "Red Hat, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write in a directory where files will be installed could create symbolic links to an arbitrary location and modify content, and possibly permissions to arbitrary files, which could be used for denial of service or possibly privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201811-22",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201811-22"
},
{
"name": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc",
"refsource": "MISC",
"url": "https://github.com/rpm-software-management/rpm/commit/404ef011c300207cdb1e531670384564aae04bdc"
},
{
"name": "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4@%3Cissues.bookkeeper.apache.org%3E"
},
{
"name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2017-7501",
"datePublished": "2017-11-22T22:00:00.000Z",
"dateReserved": "2017-04-05T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:02:20.679Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-48.1
Strategy: Separation of Privilege
- Follow the principle of least privilege when assigning access rights to entities in a software system.
- Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
CAPEC-132: Symlink Attack
An adversary positions a symbolic link in such a manner that the targeted user or application accesses the link's endpoint, assuming that it is accessing a file with the link's name.
CAPEC-17: Using Malicious Files
An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell access; or in a possible worst case allows an adversary to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
CAPEC-35: Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.
CAPEC-76: Manipulating Web Input to File System Calls
An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.