CWE-59
AllowedImproper Link Resolution Before File Access ('Link Following')
Abstraction: Base · Status: Draft
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
1984 vulnerabilities reference this CWE, most recent first.
CVE-2020-28935 (GCVE-0-2020-28935)
Vulnerability from cvelistv5 – Published: 2020-12-07 21:46 – Updated: 2024-09-16 23:27- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| Vendor | Product | Version | |
|---|---|---|---|
| NLnet Labs | Unbound |
Affected:
<= 1.12.0
|
|
| NLnet Labs | NSD |
Affected:
<= 4.3.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T16:48:00.719Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt"
},
{
"name": "GLSA-202101-38",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202101-38"
},
{
"name": "[debian-lts-announce] 20210212 [SECURITY] [DLA 2556-1] unbound1.9 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html"
},
{
"name": "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Unbound",
"vendor": "NLnet Labs",
"versions": [
{
"status": "affected",
"version": "\u003c= 1.12.0"
}
]
},
{
"product": "NSD",
"vendor": "NLnet Labs",
"versions": [
{
"status": "affected",
"version": "\u003c= 4.3.3"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "We would like to thank Mason Loring Bliss for bringing the issue to our attention."
}
],
"datePublic": "2020-12-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-29T00:00:00.000Z",
"orgId": "206fc3a0-e175-490b-9eaa-a5738056c9f6",
"shortName": "NLnet Labs"
},
"references": [
{
"url": "https://www.nlnetlabs.nl/downloads/unbound/CVE-2020-28935.txt"
},
{
"url": "https://www.nlnetlabs.nl/downloads/nsd/CVE-2020-28935.txt"
},
{
"name": "GLSA-202101-38",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/202101-38"
},
{
"name": "[debian-lts-announce] 20210212 [SECURITY] [DLA 2556-1] unbound1.9 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00017.html"
},
{
"name": "[debian-lts-announce] 20230329 [SECURITY] [DLA 3371-1] unbound security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00024.html"
}
],
"title": "Local symlink attack in Unbound and NSD"
}
},
"cveMetadata": {
"assignerOrgId": "206fc3a0-e175-490b-9eaa-a5738056c9f6",
"assignerShortName": "NLnet Labs",
"cveId": "CVE-2020-28935",
"datePublished": "2020-12-07T21:46:47.878Z",
"dateReserved": "2020-11-18T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:27:01.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-26277 (GCVE-0-2020-26277)
Vulnerability from cvelistv5 – Published: 2020-12-21 21:15 – Updated: 2024-08-04 15:56- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://github.com/datacharmer/dbdeployer/securit… | x_refsource_CONFIRM |
| https://github.com/datacharmer/dbdeployer/commit/… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| datacharmer | dbdeployer |
Affected:
< 1.58.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:56:03.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/datacharmer/dbdeployer/security/advisories/GHSA-47wr-426j-fr82"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/datacharmer/dbdeployer/commit/548e256c1de2f99746e861454e7714ec6bc9bb10"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "dbdeployer",
"vendor": "datacharmer",
"versions": [
{
"status": "affected",
"version": "\u003c 1.58.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "DBdeployer is a tool that deploys MySQL database servers easily. In DBdeployer before version 1.58.2, users unpacking a tarball may use a maliciously packaged tarball that contains symlinks to files external to the target. In such scenario, an attacker could induce dbdeployer to write into a system file, thus altering the computer defenses. For the attack to succeed, the following factors need to contribute: 1) The user is logged in as root. While dbdeployer is usable as root, it was designed to run as unprivileged user. 2) The user has taken a tarball from a non secure source, without testing the checksum. When the tarball is retrieved through dbdeployer, the checksum is compared before attempting to unpack. This has been fixed in version 1.58.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-21T21:15:14.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/datacharmer/dbdeployer/security/advisories/GHSA-47wr-426j-fr82"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/datacharmer/dbdeployer/commit/548e256c1de2f99746e861454e7714ec6bc9bb10"
}
],
"source": {
"advisory": "GHSA-47wr-426j-fr82",
"discovery": "UNKNOWN"
},
"title": "Arbitrary read/write in DBdeployer",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-26277",
"STATE": "PUBLIC",
"TITLE": "Arbitrary read/write in DBdeployer"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "dbdeployer",
"version": {
"version_data": [
{
"version_value": "\u003c 1.58.2"
}
]
}
}
]
},
"vendor_name": "datacharmer"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "DBdeployer is a tool that deploys MySQL database servers easily. In DBdeployer before version 1.58.2, users unpacking a tarball may use a maliciously packaged tarball that contains symlinks to files external to the target. In such scenario, an attacker could induce dbdeployer to write into a system file, thus altering the computer defenses. For the attack to succeed, the following factors need to contribute: 1) The user is logged in as root. While dbdeployer is usable as root, it was designed to run as unprivileged user. 2) The user has taken a tarball from a non secure source, without testing the checksum. When the tarball is retrieved through dbdeployer, the checksum is compared before attempting to unpack. This has been fixed in version 1.58.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/datacharmer/dbdeployer/security/advisories/GHSA-47wr-426j-fr82",
"refsource": "CONFIRM",
"url": "https://github.com/datacharmer/dbdeployer/security/advisories/GHSA-47wr-426j-fr82"
},
{
"name": "https://github.com/datacharmer/dbdeployer/commit/548e256c1de2f99746e861454e7714ec6bc9bb10",
"refsource": "MISC",
"url": "https://github.com/datacharmer/dbdeployer/commit/548e256c1de2f99746e861454e7714ec6bc9bb10"
}
]
},
"source": {
"advisory": "GHSA-47wr-426j-fr82",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-26277",
"datePublished": "2020-12-21T21:15:14.000Z",
"dateReserved": "2020-10-01T00:00:00.000Z",
"dateUpdated": "2024-08-04T15:56:03.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-14367 (GCVE-0-2020-14367)
Vulnerability from cvelistv5 – Published: 2020-08-24 14:07 – Updated: 2024-08-04 12:46- CWE-59 - leads to CWE-22
| URL | Tags |
|---|---|
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://bugzilla.redhat.com/show_bug.cgi?id=1870298 | x_refsource_MISC |
| https://security.gentoo.org/glsa/202008-23 | vendor-advisoryx_refsource_GENTOO |
| https://usn.ubuntu.com/4475-1/ | vendor-advisoryx_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:46:33.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "FEDORA-2020-7aa962c55e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WKABKNLCSC3MACCWU6OM2YGWVWFWFMU/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870298"
},
{
"name": "GLSA-202008-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202008-23"
},
{
"name": "USN-4475-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4475-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Chrony",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All chrony versions before 3.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it\u0027s opened for writing, chronyd does not check for an existing symbolic link with the same file name. This flaw allows an attacker with privileged access to create a symlink with the default PID file name pointing to any destination file in the system, resulting in data loss and a denial of service due to the path traversal."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 leads to CWE-22",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-09T13:06:31.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "FEDORA-2020-7aa962c55e",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6WKABKNLCSC3MACCWU6OM2YGWVWFWFMU/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870298"
},
{
"name": "GLSA-202008-23",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/202008-23"
},
{
"name": "USN-4475-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4475-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-14367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Chrony",
"version": {
"version_data": [
{
"version_value": "All chrony versions before 3.5.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it\u0027s opened for writing, chronyd does not check for an existing symbolic link with the same file name. This flaw allows an attacker with privileged access to create a symlink with the default PID file name pointing to any destination file in the system, resulting in data loss and a denial of service due to the path traversal."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 leads to CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "FEDORA-2020-7aa962c55e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6WKABKNLCSC3MACCWU6OM2YGWVWFWFMU/"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1870298",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1870298"
},
{
"name": "GLSA-202008-23",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/202008-23"
},
{
"name": "USN-4475-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4475-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-14367",
"datePublished": "2020-08-24T14:07:19.000Z",
"dateReserved": "2020-06-17T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:46:33.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-13095 (GCVE-0-2020-13095)
Vulnerability from cvelistv5 – Published: 2020-06-30 16:33 – Updated: 2024-08-04 12:11- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://obdev.at/cve/2020-13095-t46oXJJOwz.html | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Little Snitch |
Affected:
up to 4.5.1
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:11:19.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://obdev.at/cve/2020-13095-t46oXJJOwz.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Little Snitch",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "up to 4.5.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-30T16:33:54.000Z",
"orgId": "e0cebea7-a708-4bfe-81c1-855d35eb4544",
"shortName": "obdev"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://obdev.at/cve/2020-13095-t46oXJJOwz.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-13095",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Little Snitch",
"version": {
"version_data": [
{
"version_value": "up to 4.5.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://obdev.at/cve/2020-13095-t46oXJJOwz.html",
"refsource": "MISC",
"url": "https://obdev.at/cve/2020-13095-t46oXJJOwz.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e0cebea7-a708-4bfe-81c1-855d35eb4544",
"assignerShortName": "obdev",
"cveId": "CVE-2020-13095",
"datePublished": "2020-06-30T16:33:54.000Z",
"dateReserved": "2020-05-15T00:00:00.000Z",
"dateUpdated": "2024-08-04T12:11:19.272Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8103 (GCVE-0-2020-8103)
Vulnerability from cvelistv5 – Published: 2020-06-05 11:10 – Updated: 2024-09-16 23:36- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://www.bitdefender.com/support/security-advi… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Bitdefender | Bitdefender Antivirus Free |
Affected:
unspecified , < 1.0.17.178
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:48:25.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bitdefender.com/support/security-advisories/link-resolution-privilege-escalation-vulnerability-bitdefender-antivirus-free-va-8604/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Bitdefender Antivirus Free",
"vendor": "Bitdefender",
"versions": [
{
"lessThan": "1.0.17.178",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Ilias Dimopoulos of\u202fRedyOps Research Labs"
}
],
"datePublic": "2020-06-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects Bitdefender Antivirus Free versions prior to 1.0.17.178."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-05T11:10:13.000Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bitdefender.com/support/security-advisories/link-resolution-privilege-escalation-vulnerability-bitdefender-antivirus-free-va-8604/"
}
],
"solutions": [
{
"lang": "en",
"value": "An automatic update to Bitdefender Antivirus Free version 1.0.17.178 or newer fixes the issue."
}
],
"source": {
"defect": [
"VA-8604"
],
"discovery": "EXTERNAL"
},
"title": "Link Resolution Privilege Escalation Vulnerability in Bitdefender Antivirus Free (VA-8604)",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-requests@bitdefender.com",
"DATE_PUBLIC": "2020-06-05T12:00:00.000Z",
"ID": "CVE-2020-8103",
"STATE": "PUBLIC",
"TITLE": "Link Resolution Privilege Escalation Vulnerability in Bitdefender Antivirus Free (VA-8604)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Bitdefender Antivirus Free",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.0.17.178"
}
]
}
}
]
},
"vendor_name": "Bitdefender"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Ilias Dimopoulos of\u202fRedyOps Research Labs"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects Bitdefender Antivirus Free versions prior to 1.0.17.178."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.bitdefender.com/support/security-advisories/link-resolution-privilege-escalation-vulnerability-bitdefender-antivirus-free-va-8604/",
"refsource": "MISC",
"url": "https://www.bitdefender.com/support/security-advisories/link-resolution-privilege-escalation-vulnerability-bitdefender-antivirus-free-va-8604/"
}
]
},
"solution": [
{
"lang": "en",
"value": "An automatic update to Bitdefender Antivirus Free version 1.0.17.178 or newer fixes the issue."
}
],
"source": {
"defect": [
"VA-8604"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2020-8103",
"datePublished": "2020-06-05T11:10:13.595Z",
"dateReserved": "2020-01-28T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:36:04.518Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8099 (GCVE-0-2020-8099)
Vulnerability from cvelistv5 – Published: 2020-04-21 10:40 – Updated: 2024-09-16 20:58- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://www.bitdefender.com/support/security-advi… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Bitdefender | Antivirus Free |
Affected:
unspecified , < 1.0.17
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:48:25.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bitdefender.com/support/security-advisories/link-resolution-privilege-escalation-vulnerability-in-bitdefender-antivirus-free-va-8387/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Antivirus Free",
"vendor": "Bitdefender",
"versions": [
{
"lessThan": "1.0.17",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Jimmy Bayne"
}
],
"datePublic": "2020-04-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the improper handling of junctions in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects: Bitdefender Antivirus Free versions prior to 1.0.17."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-21T10:40:15.000Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bitdefender.com/support/security-advisories/link-resolution-privilege-escalation-vulnerability-in-bitdefender-antivirus-free-va-8387/"
}
],
"solutions": [
{
"lang": "en",
"value": "An automated update to version 1.0.17 or higher fixes the issue."
}
],
"source": {
"advisory": "VA-8387",
"discovery": "EXTERNAL"
},
"title": "Link Resolution Privilege Escalation Vulnerability in Bitdefender Antivirus Free (VA-8387)",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-requests@bitdefender.com",
"DATE_PUBLIC": "2020-04-21T09:00:00.000Z",
"ID": "CVE-2020-8099",
"STATE": "PUBLIC",
"TITLE": "Link Resolution Privilege Escalation Vulnerability in Bitdefender Antivirus Free (VA-8387)"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Antivirus Free",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.0.17"
}
]
}
}
]
},
"vendor_name": "Bitdefender"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Jimmy Bayne"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the improper handling of junctions in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects: Bitdefender Antivirus Free versions prior to 1.0.17."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.bitdefender.com/support/security-advisories/link-resolution-privilege-escalation-vulnerability-in-bitdefender-antivirus-free-va-8387/",
"refsource": "MISC",
"url": "https://www.bitdefender.com/support/security-advisories/link-resolution-privilege-escalation-vulnerability-in-bitdefender-antivirus-free-va-8387/"
}
]
},
"solution": [
{
"lang": "en",
"value": "An automated update to version 1.0.17 or higher fixes the issue."
}
],
"source": {
"advisory": "VA-8387",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2020-8099",
"datePublished": "2020-04-21T10:40:15.465Z",
"dateReserved": "2020-01-28T00:00:00.000Z",
"dateUpdated": "2024-09-16T20:58:15.875Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8095 (GCVE-0-2020-8095)
Vulnerability from cvelistv5 – Published: 2020-01-30 21:05 – Updated: 2024-09-17 01:30- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://www.bitdefender.com/support/security-advi… | x_refsource_MISC |
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Bitdefender | Bitdefender Total Security 2020 |
Affected:
unspecified , < 24.9
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:48:25.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.bitdefender.com/support/security-advisories/bitdefender-total-security-link-resolution-denial-service-vulnerability-va-4021"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-198/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Bitdefender Total Security 2020",
"vendor": "Bitdefender",
"versions": [
{
"lessThan": "24.9",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Nabeel Ahmed of Dimension Data Belgium working with Trend Micro Zero Day Initiative"
}
],
"datePublic": "2020-01-30T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-05T23:06:01.000Z",
"orgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"shortName": "Bitdefender"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.bitdefender.com/support/security-advisories/bitdefender-total-security-link-resolution-denial-service-vulnerability-va-4021"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-198/"
}
],
"solutions": [
{
"lang": "en",
"value": "The vulnerability has been fixed in Bitdefender Total Security 2020 version 24.9. A fix was automatically delivered to affected installs."
}
],
"source": {
"advisory": "VA-4021",
"defect": [
"VA-4021"
],
"discovery": "EXTERNAL"
},
"title": "Bitdefender Total Security Link Resolution Denial-of-Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-requests@bitdefender.com",
"DATE_PUBLIC": "2020-01-30T14:00:00.000Z",
"ID": "CVE-2020-8095",
"STATE": "PUBLIC",
"TITLE": "Bitdefender Total Security Link Resolution Denial-of-Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Bitdefender Total Security 2020",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "24.9"
}
]
}
}
]
},
"vendor_name": "Bitdefender"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Nabeel Ahmed of Dimension Data Belgium working with Trend Micro Zero Day Initiative"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.bitdefender.com/support/security-advisories/bitdefender-total-security-link-resolution-denial-service-vulnerability-va-4021",
"refsource": "MISC",
"url": "https://www.bitdefender.com/support/security-advisories/bitdefender-total-security-link-resolution-denial-service-vulnerability-va-4021"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-198/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-198/"
}
]
},
"solution": [
{
"lang": "en",
"value": "The vulnerability has been fixed in Bitdefender Total Security 2020 version 24.9. A fix was automatically delivered to affected installs."
}
],
"source": {
"advisory": "VA-4021",
"defect": [
"VA-4021"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "b3d5ebe7-963e-41fb-98e1-2edaeabb8f82",
"assignerShortName": "Bitdefender",
"cveId": "CVE-2020-8095",
"datePublished": "2020-01-30T21:05:20.309Z",
"dateReserved": "2020-01-28T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:30:56.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8015 (GCVE-0-2020-8015)
Vulnerability from cvelistv5 – Published: 2020-04-02 07:55 – Updated: 2024-09-16 19:46- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.suse.com/show_bug.cgi?id=1154183 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:48:25.101Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2020:0491",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1154183"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Factory",
"vendor": "openSUSE",
"versions": [
{
"lessThan": "4.93.0.4-3.1",
"status": "affected",
"version": "exim",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Johannes Segitz of SUSE"
}
],
"datePublic": "2020-04-02T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-20T15:45:09.000Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"name": "openSUSE-SU-2020:0491",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1154183"
}
],
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1154183",
"defect": [
"1154183"
],
"discovery": "INTERNAL"
},
"title": "Local privilege escalation in exim package from user mail to root",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2020-04-02T00:00:00.000Z",
"ID": "CVE-2020-8015",
"STATE": "PUBLIC",
"TITLE": "Local privilege escalation in exim package from user mail to root"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Factory",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "exim",
"version_value": "4.93.0.4-3.1"
}
]
}
}
]
},
"vendor_name": "openSUSE"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Johannes Segitz of SUSE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exim versions prior to 4.93.0.4-3.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2020:0491",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00010.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1154183",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1154183"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1154183",
"defect": [
"1154183"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2020-8015",
"datePublished": "2020-04-02T07:55:13.216Z",
"dateReserved": "2020-01-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:46:31.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-8013 (GCVE-0-2020-8013)
Vulnerability from cvelistv5 – Published: 2020-03-02 16:35 – Updated: 2024-09-16 17:23- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.suse.com/show_bug.cgi?id=1163922 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server 12 |
Affected:
permissions , < 2015.09.28.1626-17.27.1
(custom)
|
|
| SUSE | SUSE Linux Enterprise Server 15 |
Affected:
permissions , < 20181116-9.23.1
(custom)
|
|
| SUSE | SUSE Linux Enterprise Server 11 |
Affected:
permissions , < 2013.1.7-0.6.12.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:48:24.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2020:0302",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1163922"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SUSE Linux Enterprise Server 12",
"vendor": "SUSE",
"versions": [
{
"lessThan": "2015.09.28.1626-17.27.1",
"status": "affected",
"version": "permissions",
"versionType": "custom"
}
]
},
{
"product": "SUSE Linux Enterprise Server 15",
"vendor": "SUSE",
"versions": [
{
"lessThan": "20181116-9.23.1",
"status": "affected",
"version": "permissions",
"versionType": "custom"
}
]
},
{
"product": "SUSE Linux Enterprise Server 11",
"vendor": "SUSE",
"versions": [
{
"lessThan": "2013.1.7-0.6.12.1",
"status": "affected",
"version": "permissions",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-02-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can\u0027t be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-19T17:09:16.000Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"name": "openSUSE-SU-2020:0302",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00010.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1163922"
}
],
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1163922",
"defect": [
"1163922"
],
"discovery": "INTERNAL"
},
"title": "permissions: chkstat sets unintended setuid/capabilities for mrsh and wodim",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2020-02-28T00:00:00.000Z",
"ID": "CVE-2020-8013",
"STATE": "PUBLIC",
"TITLE": "permissions: chkstat sets unintended setuid/capabilities for mrsh and wodim"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SUSE Linux Enterprise Server 12",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "permissions",
"version_value": "2015.09.28.1626-17.27.1"
}
]
}
},
{
"product_name": "SUSE Linux Enterprise Server 15",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "permissions",
"version_value": "20181116-9.23.1"
}
]
}
},
{
"product_name": "SUSE Linux Enterprise Server 11",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "permissions",
"version_value": "2013.1.7-0.6.12.1"
}
]
}
}
]
},
"vendor_name": "SUSE"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can\u0027t be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.2,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2020:0302",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00010.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1163922",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1163922"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1163922",
"defect": [
"1163922"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2020-8013",
"datePublished": "2020-03-02T16:35:13.188Z",
"dateReserved": "2020-01-27T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:23:50.476Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7346 (GCVE-0-2020-7346)
Vulnerability from cvelistv5 – Published: 2021-03-23 16:05 – Updated: 2024-08-04 09:25- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=conten… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| McAfee,LLC | McAfee Data Loss Prevention (DLP) Endpoint for Windows |
Affected:
unspecified , < 11.6.100
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:49.105Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10344"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "McAfee Data Loss Prevention (DLP) Endpoint for Windows",
"vendor": "McAfee,LLC",
"versions": [
{
"lessThan": "11.6.100",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003ePrivilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker\u0027s choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time.\u003c/p\u003e"
}
],
"value": "Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker\u0027s choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-20T08:41:22.200Z",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10344"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege escalation in McAfee DLP Endpoint for Windows",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2020-7346",
"STATE": "PUBLIC",
"TITLE": "Privilege escalation in McAfee DLP Endpoint for Windows"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee Data Loss Prevention (DLP) Endpoint for Windows",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_value": "11.6.100"
}
]
}
}
]
},
"vendor_name": "McAfee,LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to load DLLs of the attacker\u0027s choosing. This requires the creation and removal of junctions by the attacker along with sending a specific IOTL command at the correct time."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Privilege escalation vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10344",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10344"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7346",
"datePublished": "2021-03-23T16:05:23.000Z",
"dateReserved": "2020-01-21T00:00:00.000Z",
"dateUpdated": "2024-08-04T09:25:49.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-48.1
Strategy: Separation of Privilege
- Follow the principle of least privilege when assigning access rights to entities in a software system.
- Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
CAPEC-132: Symlink Attack
An adversary positions a symbolic link in such a manner that the targeted user or application accesses the link's endpoint, assuming that it is accessing a file with the link's name.
CAPEC-17: Using Malicious Files
An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell access; or in a possible worst case allows an adversary to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
CAPEC-35: Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.
CAPEC-76: Manipulating Web Input to File System Calls
An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.