Show plain JSON{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zenoss:zenoss:2.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "EB0DA572-E8E9-4723-8142-0AB09B3E7171", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "pyraw in Zenoss 2.5.3 allows local privilege escalation by modifying environment variables to redirect execution before privileges are dropped, aka ZEN-31765."}, {"lang": "es", "value": "pyraw en Zenoss versi\u00f3n 2.5.3 permite la escalada de privilegios locales al modificar las variables de entorno para redirigir la ejecuci\u00f3n antes de que se caigan los privilegios, tambi\u00e9n conocido como ZEN-31765."}], "id": "CVE-2019-14257", "lastModified": "2024-11-21T04:26:18.630", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-21T19:15:13.700", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.coalfire.com/The-Coalfire-Blog"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://www.coalfire.com/The-Coalfire-Blog/August-2019/Getting-more-from-a-compliance-test"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.coalfire.com/The-Coalfire-Blog"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://www.coalfire.com/The-Coalfire-Blog/August-2019/Getting-more-from-a-compliance-test"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]} 
MITRE
Vulnrichment
NVD
Redhat