CWE-59
AllowedImproper Link Resolution Before File Access ('Link Following')
Abstraction: Base · Status: Draft
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
1984 vulnerabilities reference this CWE, most recent first.
CVE-2020-3223 (GCVE-0-2020-3223)
Vulnerability from cvelistv5 – Published: 2020-06-03 17:41 – Updated: 2024-11-15 17:15| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco IOS XE Software 16.9.4 |
Affected:
n/a
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:57.424Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200603 Cisco IOS XE Software Web UI Arbitrary File Read Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-filerd-HngnDYGk"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3223",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:28:11.725864Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:15:25.413Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software 16.9.4",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-06-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker could exploit this vulnerability by creating a specific file reference on the filesystem and then accessing it through the web UI. An exploit could allow the attacker to read arbitrary files from the underlying operating system\u0027s filesystem."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-03T17:41:55.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200603 Cisco IOS XE Software Web UI Arbitrary File Read Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-filerd-HngnDYGk"
}
],
"source": {
"advisory": "cisco-sa-webui-filerd-HngnDYGk",
"defect": [
[
"CSCvq90852"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE Software Web UI Arbitrary File Read Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-06-03T16:00:00",
"ID": "CVE-2020-3223",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software Web UI Arbitrary File Read Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software 16.9.4",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker could exploit this vulnerability by creating a specific file reference on the filesystem and then accessing it through the web UI. An exploit could allow the attacker to read arbitrary files from the underlying operating system\u0027s filesystem."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.5",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200603 Cisco IOS XE Software Web UI Arbitrary File Read Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-filerd-HngnDYGk"
}
]
},
"source": {
"advisory": "cisco-sa-webui-filerd-HngnDYGk",
"defect": [
[
"CSCvq90852"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3223",
"datePublished": "2020-06-03T17:41:55.670Z",
"dateReserved": "2019-12-12T00:00:00.000Z",
"dateUpdated": "2024-11-15T17:15:25.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2026 (GCVE-0-2020-2026)
Vulnerability from cvelistv5 – Published: 2020-06-10 17:27 – Updated: 2024-09-16 19:35- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://github.com/kata-containers/runtime/releas… | x_refsource_MISC |
| https://github.com/kata-containers/runtime/releas… | x_refsource_MISC |
| https://github.com/kata-containers/runtime/issues/2712 | x_refsource_MISC |
| https://github.com/kata-containers/runtime/pull/2713 | x_refsource_MISC |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| https://lists.fedoraproject.org/archives/list/pac… | vendor-advisoryx_refsource_FEDORA |
| Vendor | Product | Version | |
|---|---|---|---|
| Kata Containers | Kata Containers |
Affected:
1.11 , < 1.11.1
(custom)
Affected: 1.10 , < 1.10.5 (custom) Affected: 1 , ≤ 1.9 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/issues/2712"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/pull/2713"
},
{
"name": "FEDORA-2020-7a0b6071a4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
},
{
"name": "FEDORA-2020-2f5879aeb6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
},
{
"name": "FEDORA-2020-c33083813d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
},
{
"name": "FEDORA-2020-1af9cd8c87",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
},
{
"name": "FEDORA-2020-61fcf3ffc7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
},
{
"name": "FEDORA-2020-15a1bde727",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kata Containers",
"vendor": "Kata Containers",
"versions": [
{
"lessThan": "1.11.1",
"status": "affected",
"version": "1.11",
"versionType": "custom"
},
{
"lessThan": "1.10.5",
"status": "affected",
"version": "1.10",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.9",
"status": "affected",
"version": "1",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Affects QEMU and Cloud Hypervisor based guests."
}
],
"credits": [
{
"lang": "en",
"value": "Yuval Avrahami, Palo Alto Networks"
}
],
"datePublic": "2020-06-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-05T03:06:14.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/issues/2712"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/pull/2713"
},
{
"name": "FEDORA-2020-7a0b6071a4",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
},
{
"name": "FEDORA-2020-2f5879aeb6",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
},
{
"name": "FEDORA-2020-c33083813d",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
},
{
"name": "FEDORA-2020-1af9cd8c87",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
},
{
"name": "FEDORA-2020-61fcf3ffc7",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
},
{
"name": "FEDORA-2020-15a1bde727",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-06-10T16:00:00.000Z",
"ID": "CVE-2020-2026",
"STATE": "PUBLIC",
"TITLE": "Kata Containers - Guests can trick the kata-runtime into mounting the container image on any host path"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kata Containers",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "1.11",
"version_value": "1.11.1"
},
{
"version_affected": "\u003c",
"version_name": "1.10",
"version_value": "1.10.5"
},
{
"version_affected": "\u003c=",
"version_name": "1",
"version_value": "1.9"
}
]
}
}
]
},
"vendor_name": "Kata Containers"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "Affects QEMU and Cloud Hypervisor based guests."
}
],
"credit": [
{
"lang": "eng",
"value": "Yuval Avrahami, Palo Alto Networks"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/kata-containers/runtime/releases/tag/1.11.1",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
},
{
"name": "https://github.com/kata-containers/runtime/releases/tag/1.10.5",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
},
{
"name": "https://github.com/kata-containers/runtime/issues/2712",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/issues/2712"
},
{
"name": "https://github.com/kata-containers/runtime/pull/2713",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/pull/2713"
},
{
"name": "FEDORA-2020-7a0b6071a4",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NJAMOVB7DSOGX7J26QH5HZKU7GSSX2VU/"
},
{
"name": "FEDORA-2020-2f5879aeb6",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JPBKAQBF3OR72N55GWM2TDYQP2OHK6H/"
},
{
"name": "FEDORA-2020-c33083813d",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6W5MKF7HSAIL2AX2BX6RV4WWVGUIKVLS/"
},
{
"name": "FEDORA-2020-1af9cd8c87",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XWACJQSMY5BVDMVTF3FBN7HZSOSFOG3Q/"
},
{
"name": "FEDORA-2020-61fcf3ffc7",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QNJHSSPCKUGJDVXXIXK2JUWCRJDQX7CE/"
},
{
"name": "FEDORA-2020-15a1bde727",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2P7FHA4AF6Y6PAVJBTTQPUEHXZQUOF3P/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-2026",
"datePublished": "2020-06-10T17:27:46.151Z",
"dateReserved": "2019-12-04T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:35:42.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-2024 (GCVE-0-2020-2024)
Vulnerability from cvelistv5 – Published: 2020-05-19 21:05 – Updated: 2024-09-17 01:01- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://github.com/kata-containers/runtime/issues/2474 | x_refsource_MISC |
| https://github.com/kata-containers/runtime/pull/2475 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| Kata Containers | Kata Containers |
Affected:
unspecified , < 1.11.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:54:00.588Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/issues/2474"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/kata-containers/runtime/pull/2475"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Kata Containers",
"vendor": "Kata Containers",
"versions": [
{
"lessThan": "1.11.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"value": "Affects QEMU and Cloud Hypervisor guests on the default configuration."
}
],
"credits": [
{
"lang": "en",
"value": "Yuval Avrahami, Palo Alto Networks"
}
],
"datePublic": "2020-05-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-19T21:05:19.000Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/issues/2474"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/kata-containers/runtime/pull/2475"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@paloaltonetworks.com",
"DATE_PUBLIC": "2020-05-19T16:00:00.000Z",
"ID": "CVE-2020-2024",
"STATE": "PUBLIC",
"TITLE": "Kata Containers - Guests can trick the kata-runtime into unmounting any mount point on the host"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Kata Containers",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.11.0"
}
]
}
}
]
},
"vendor_name": "Kata Containers"
}
]
}
},
"configuration": [
{
"lang": "en",
"value": "Affects QEMU and Cloud Hypervisor guests on the default configuration."
}
],
"credit": [
{
"lang": "eng",
"value": "Yuval Avrahami, Palo Alto Networks"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/kata-containers/runtime/issues/2474",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/issues/2474"
},
{
"name": "https://github.com/kata-containers/runtime/pull/2475",
"refsource": "MISC",
"url": "https://github.com/kata-containers/runtime/pull/2475"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2020-2024",
"datePublished": "2020-05-19T21:05:19.715Z",
"dateReserved": "2019-12-04T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:01:22.908Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18901 (GCVE-0-2019-18901)
Vulnerability from cvelistv5 – Published: 2020-03-02 16:10 – Updated: 2024-09-17 01:16- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.suse.com/show_bug.cgi?id=1160895 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server 12 |
Affected:
mariadb , < 10.2.31-3.25.1
(custom)
|
|
| SUSE | SUSE Linux Enterprise Server 15 |
Affected:
mariadb , < 10.2.31-3.26.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2020:0289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1160895"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SUSE Linux Enterprise Server 12",
"vendor": "SUSE",
"versions": [
{
"lessThan": "10.2.31-3.25.1",
"status": "affected",
"version": "mariadb",
"versionType": "custom"
}
]
},
{
"product": "SUSE Linux Enterprise Server 15",
"vendor": "SUSE",
"versions": [
{
"lessThan": "10.2.31-3.26.1",
"status": "affected",
"version": "mariadb",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Matthias Gerstner"
}
],
"datePublic": "2020-02-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-20T15:45:08.000Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"name": "openSUSE-SU-2020:0289",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1160895"
}
],
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1160895",
"defect": [
"1160895"
],
"discovery": "INTERNAL"
},
"title": "mysql-systemd-helper allows setting 640 permissions of arbitrary files",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2020-02-05T00:00:00.000Z",
"ID": "CVE-2019-18901",
"STATE": "PUBLIC",
"TITLE": "mysql-systemd-helper allows setting 640 permissions of arbitrary files"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SUSE Linux Enterprise Server 12",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "mariadb",
"version_value": "10.2.31-3.25.1"
}
]
}
},
{
"product_name": "SUSE Linux Enterprise Server 15",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "mariadb",
"version_value": "10.2.31-3.26.1"
}
]
}
}
]
},
"vendor_name": "SUSE"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Matthias Gerstner"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2020:0289",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1160895",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1160895"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1160895",
"defect": [
"1160895"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2019-18901",
"datePublished": "2020-03-02T16:10:13.772Z",
"dateReserved": "2019-11-12T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:16:43.090Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18898 (GCVE-0-2019-18898)
Vulnerability from cvelistv5 – Published: 2020-01-23 14:05 – Updated: 2024-09-16 18:24- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.suse.com/show_bug.cgi?id=1157651 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server 15 SP1 |
Affected:
trousers , < 0.3.14-6.3.1
(custom)
|
|
| openSUSE | Factory |
Affected:
trousers , < 0.3.14-7.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2020:0744",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00066.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157651"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SUSE Linux Enterprise Server 15 SP1",
"vendor": "SUSE",
"versions": [
{
"lessThan": "0.3.14-6.3.1",
"status": "affected",
"version": "trousers",
"versionType": "custom"
}
]
},
{
"product": "Factory",
"vendor": "openSUSE",
"versions": [
{
"lessThan": "0.3.14-7.1",
"status": "affected",
"version": "trousers",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Johannes Segitz from SUSE"
}
],
"datePublic": "2019-11-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-20T15:45:08.000Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"name": "openSUSE-SU-2020:0744",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00066.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157651"
}
],
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157651",
"defect": [
"1157651"
],
"discovery": "INTERNAL"
},
"title": "trousers: Local privilege escalation from tss to root",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2019-11-26T00:00:00.000Z",
"ID": "CVE-2019-18898",
"STATE": "PUBLIC",
"TITLE": "trousers: Local privilege escalation from tss to root"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SUSE Linux Enterprise Server 15 SP1",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "trousers",
"version_value": "0.3.14-6.3.1"
}
]
}
}
]
},
"vendor_name": "SUSE"
},
{
"product": {
"product_data": [
{
"product_name": "Factory",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "trousers",
"version_value": "0.3.14-7.1"
}
]
}
}
]
},
"vendor_name": "openSUSE"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Johannes Segitz from SUSE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2020:0744",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00066.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1157651",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157651"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157651",
"defect": [
"1157651"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2019-18898",
"datePublished": "2020-01-23T14:05:14.446Z",
"dateReserved": "2019-11-12T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:24:53.684Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18897 (GCVE-0-2019-18897)
Vulnerability from cvelistv5 – Published: 2020-03-02 15:20 – Updated: 2024-09-17 01:21- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
| https://bugzilla.suse.com/show_bug.cgi?id=1157465 | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server 12 |
Affected:
salt-master , ≤ 2019.2.0-46.83.1
(custom)
|
|
| SUSE | SUSE Linux Enterprise Server 15 |
Affected:
salt-master , ≤ 2019.2.0-6.21.1
(custom)
|
|
| openSUSE | Factory |
Affected:
salt-master , ≤ 2019.2.2-3.1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.827Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2020:0357",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157465"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SUSE Linux Enterprise Server 12",
"vendor": "SUSE",
"versions": [
{
"lessThanOrEqual": "2019.2.0-46.83.1",
"status": "affected",
"version": "salt-master",
"versionType": "custom"
}
]
},
{
"product": "SUSE Linux Enterprise Server 15",
"vendor": "SUSE",
"versions": [
{
"lessThanOrEqual": "2019.2.0-6.21.1",
"status": "affected",
"version": "salt-master",
"versionType": "custom"
}
]
},
{
"product": "Factory",
"vendor": "openSUSE",
"versions": [
{
"lessThanOrEqual": "2019.2.2-3.1",
"status": "affected",
"version": "salt-master",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Johannes Segitz"
}
],
"datePublic": "2020-02-24T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-11-20T15:45:08.000Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"name": "openSUSE-SU-2020:0357",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157465"
}
],
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157465",
"defect": [
"1157465"
],
"discovery": "INTERNAL"
},
"title": "Local privilege escalation from user salt to root",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@suse.com",
"DATE_PUBLIC": "2020-02-24T00:00:00.000Z",
"ID": "CVE-2019-18897",
"STATE": "PUBLIC",
"TITLE": "Local privilege escalation from user salt to root"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SUSE Linux Enterprise Server 12",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "salt-master",
"version_value": "2019.2.0-46.83.1"
}
]
}
},
{
"product_name": "SUSE Linux Enterprise Server 15",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "salt-master",
"version_value": "2019.2.0-6.21.1"
}
]
}
}
]
},
"vendor_name": "SUSE"
},
{
"product": {
"product_data": [
{
"product_name": "Factory",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "salt-master",
"version_value": "2019.2.2-3.1"
}
]
}
}
]
},
"vendor_name": "openSUSE"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Johannes Segitz"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "openSUSE-SU-2020:0357",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00026.html"
},
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1157465",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1157465"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1157465",
"defect": [
"1157465"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2019-18897",
"datePublished": "2020-03-02T15:20:27.294Z",
"dateReserved": "2019-11-12T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:21:20.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18232 (GCVE-0-2019-18232)
Vulnerability from cvelistv5 – Published: 2019-12-11 22:22 – Updated: 2024-08-05 01:47- CWE-59 - IMPROPER LINK RESOLUTION BEFORE FILE ACCESS ('LINK FOLLOWING') CWE-59
| URL | Tags |
|---|---|
| https://www.us-cert.gov/ics/advisories/icsa-19-339-01 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | SafeNet Sentinel LDK License Manager Runtime |
Affected:
All versions prior to 7.101(only Microsoft Windows versions are affected)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:47:14.069Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-339-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SafeNet Sentinel LDK License Manager Runtime",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "All versions prior to 7.101(only Microsoft Windows versions are affected)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SafeNet Sentinel LDK License Manager, all versions prior to 7.101(only Microsoft Windows versions are affected) is vulnerable when configured as a service. This vulnerability may allow an attacker with local access to create, write, and/or delete files in system folder using symbolic links, leading to a privilege escalation. This vulnerability could also be used by an attacker to execute a malicious DLL, which could impact the integrity and availability of the system."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "IMPROPER LINK RESOLUTION BEFORE FILE ACCESS (\u0027LINK FOLLOWING\u0027) CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-11T22:22:42.000Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-339-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"ID": "CVE-2019-18232",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SafeNet Sentinel LDK License Manager Runtime",
"version": {
"version_data": [
{
"version_value": "All versions prior to 7.101(only Microsoft Windows versions are affected)"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SafeNet Sentinel LDK License Manager, all versions prior to 7.101(only Microsoft Windows versions are affected) is vulnerable when configured as a service. This vulnerability may allow an attacker with local access to create, write, and/or delete files in system folder using symbolic links, leading to a privilege escalation. This vulnerability could also be used by an attacker to execute a malicious DLL, which could impact the integrity and availability of the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "IMPROPER LINK RESOLUTION BEFORE FILE ACCESS (\u0027LINK FOLLOWING\u0027) CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.us-cert.gov/ics/advisories/icsa-19-339-01",
"refsource": "MISC",
"url": "https://www.us-cert.gov/ics/advisories/icsa-19-339-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2019-18232",
"datePublished": "2019-12-11T22:22:42.000Z",
"dateReserved": "2019-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-05T01:47:14.069Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-12672 (GCVE-0-2019-12672)
Vulnerability from cvelistv5 – Published: 2019-09-25 20:16 – Updated: 2024-11-20 17:09| URL | Tags |
|---|---|
| https://tools.cisco.com/security/center/content/C… | vendor-advisoryx_refsource_CISCO |
| Vendor | Product | Version | |
|---|---|---|---|
| Cisco | Cisco IOS XE Software 3.11.1S |
Affected:
unspecified , < n/a
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20190925 Cisco IOS XE Software Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-codeexec"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12672",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T16:51:41.245728Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-20T17:09:23.330Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software 3.11.1S",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-09-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker with physical access to an affected device to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient file location validation. An attacker could exploit this vulnerability by placing code in a specific format on a USB device and inserting it into an affected Cisco device. A successful exploit could allow the attacker to execute the code with root privileges on the underlying OS of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-25T20:16:02.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20190925 Cisco IOS XE Software Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-codeexec"
}
],
"source": {
"advisory": "cisco-sa-20190925-iosxe-codeexec",
"defect": [
[
"CSCvg18064"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco IOS XE Software Arbitrary Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-09-25T16:00:00-0700",
"ID": "CVE-2019-12672",
"STATE": "PUBLIC",
"TITLE": "Cisco IOS XE Software Arbitrary Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco IOS XE Software 3.11.1S",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the filesystem of Cisco IOS XE Software could allow an authenticated, local attacker with physical access to an affected device to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient file location validation. An attacker could exploit this vulnerability by placing code in a specific format on a USB device and inserting it into an affected Cisco device. A successful exploit could allow the attacker to execute the code with root privileges on the underlying OS of the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.2",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20190925 Cisco IOS XE Software Arbitrary Code Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-iosxe-codeexec"
}
]
},
"source": {
"advisory": "cisco-sa-20190925-iosxe-codeexec",
"defect": [
[
"CSCvg18064"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12672",
"datePublished": "2019-09-25T20:16:02.526Z",
"dateReserved": "2019-06-04T00:00:00.000Z",
"dateUpdated": "2024-11-20T17:09:23.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-10152 (GCVE-0-2019-10152)
Vulnerability from cvelistv5 – Published: 2019-07-30 22:07 – Updated: 2024-08-04 22:10| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2… | x_refsource_CONFIRM |
| https://github.com/containers/libpod/issues/3211 | x_refsource_CONFIRM |
| https://github.com/containers/libpod/pull/3214 | x_refsource_CONFIRM |
| https://github.com/containers/libpod/blob/master/… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-security-annou… | vendor-advisoryx_refsource_SUSE |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T22:10:09.977Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10152"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/containers/libpod/issues/3211"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/containers/libpod/pull/3214"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/containers/libpod/blob/master/RELEASE_NOTES.md#140"
},
{
"name": "openSUSE-SU-2019:2044",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "podman",
"vendor": "Podman",
"versions": [
{
"status": "affected",
"version": "fixed in 1.4.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-09-01T23:06:07.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10152"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/containers/libpod/issues/3211"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/containers/libpod/pull/3214"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/containers/libpod/blob/master/RELEASE_NOTES.md#140"
},
{
"name": "openSUSE-SU-2019:2044",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-10152",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "podman",
"version": {
"version_data": [
{
"version_value": "fixed in 1.4.0"
}
]
}
}
]
},
"vendor_name": "Podman"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7.5/CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-22"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10152",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10152"
},
{
"name": "https://github.com/containers/libpod/issues/3211",
"refsource": "CONFIRM",
"url": "https://github.com/containers/libpod/issues/3211"
},
{
"name": "https://github.com/containers/libpod/pull/3214",
"refsource": "CONFIRM",
"url": "https://github.com/containers/libpod/pull/3214"
},
{
"name": "https://github.com/containers/libpod/blob/master/RELEASE_NOTES.md#140",
"refsource": "CONFIRM",
"url": "https://github.com/containers/libpod/blob/master/RELEASE_NOTES.md#140"
},
{
"name": "openSUSE-SU-2019:2044",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2019-10152",
"datePublished": "2019-07-30T22:07:23.000Z",
"dateReserved": "2019-03-27T00:00:00.000Z",
"dateUpdated": "2024-08-04T22:10:09.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-8463 (GCVE-0-2019-8463)
Vulnerability from cvelistv5 – Published: 2019-12-23 18:18 – Updated: 2024-08-04 21:17- CWE-59 - Improper Link Resolution Before File Access ('Link Following')
| URL | Tags |
|---|---|
| https://supportcontent.checkpoint.com/solutions?i… | x_refsource_CONFIRM |
| Vendor | Product | Version | |
|---|---|---|---|
| Check Point | Check Point Endpoint Security Client for Windows |
Affected:
before E82.10
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T21:17:31.349Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk163578"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Check Point Endpoint Security Client for Windows",
"vendor": "Check Point",
"versions": [
{
"status": "affected",
"version": "before E82.10"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-23T18:18:50.000Z",
"orgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"shortName": "checkpoint"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://supportcontent.checkpoint.com/solutions?id=sk163578"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@checkpoint.com",
"ID": "CVE-2019-8463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Check Point Endpoint Security Client for Windows",
"version": {
"version_data": [
{
"version_value": "before E82.10"
}
]
}
}
]
},
"vendor_name": "Check Point"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A denial of service vulnerability was reported in Check Point Endpoint Security Client for Windows before E82.10, that could allow service log file to be written to non-standard locations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://supportcontent.checkpoint.com/solutions?id=sk163578",
"refsource": "CONFIRM",
"url": "https://supportcontent.checkpoint.com/solutions?id=sk163578"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "897c38be-0345-43cd-b6cf-fe179e0c4f45",
"assignerShortName": "checkpoint",
"cveId": "CVE-2019-8463",
"datePublished": "2019-12-23T18:18:50.000Z",
"dateReserved": "2019-02-18T00:00:00.000Z",
"dateUpdated": "2024-08-04T21:17:31.349Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-48.1
Strategy: Separation of Privilege
- Follow the principle of least privilege when assigning access rights to entities in a software system.
- Denying access to a file can prevent an attacker from replacing that file with a link to a sensitive file. Ensure good compartmentalization in the system to provide protected areas that can be trusted.
CAPEC-132: Symlink Attack
An adversary positions a symbolic link in such a manner that the targeted user or application accesses the link's endpoint, assuming that it is accessing a file with the link's name.
CAPEC-17: Using Malicious Files
An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell access; or in a possible worst case allows an adversary to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.
CAPEC-35: Leverage Executable Code in Non-Executable Files
An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.
CAPEC-76: Manipulating Web Input to File System Calls
An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.