{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a \"sudo -u \\#$((0xffffffff))\" command."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-09-14T23:06:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "[oss-security] 20191014 Sudo: CVE-2019-14287", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/10/14/1"}, {"name": "USN-4154-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4154-1/"}, {"name": "DSA-4543", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "https://www.debian.org/security/2019/dsa-4543"}, {"name": "20191015 [SECURITY] [DSA 4543-1] sudo security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/Oct/21"}, {"name": "20191015 [slackware-security] sudo (SSA:2019-287-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "https://seclists.org/bugtraq/2019/Oct/20"}, {"name": "openSUSE-SU-2019:2316", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html"}, {"name": "FEDORA-2019-9cb221f2be", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.sudo.ws/alerts/minus_1_uid.html"}, {"name": "openSUSE-SU-2019:2333", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20191017-0003/"}, {"name": "[oss-security] 20191015 Re: Sudo: CVE-2019-14287", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://www.openwall.com/lists/oss-security/2019/10/15/2"}, {"name": "[debian-lts-announce] 20191017 [SECURITY] [DLA 1964-1] sudo security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html"}, {"name": "FEDORA-2019-67998e9f7e", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.f5.com/csp/article/K53746212?utm_source=f5support&amp%3Butm_medium=RSS"}, {"name": "[oss-security] 20191023 Membership application for linux-distros - VMware", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"}, {"name": "RHSA-2019:3197", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3197"}, {"name": "RHSA-2019:3205", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3205"}, {"name": "RHSA-2019:3204", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3204"}, {"name": "RHSA-2019:3209", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3209"}, {"name": "RHSA-2019:3219", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3219"}, {"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"}, {"name": "FEDORA-2019-72755db9c7", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/"}, {"name": "RHSA-2019:3278", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3278"}, {"tags": ["x_refsource_MISC"], "url": "https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287"}, {"name": "RHSA-2019:3694", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3694"}, {"name": "RHSA-2019:3755", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3755"}, {"name": "RHSA-2019:3754", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3754"}, {"name": "RHSA-2019:3895", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3895"}, {"name": "RHSA-2019:3916", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3916"}, {"name": "RHBA-2019:3248", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHBA-2019:3248"}, {"name": "RHSA-2019:3941", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:3941"}, {"name": "RHSA-2019:4191", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:4191"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us"}, {"name": "RHSA-2020:0388", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2020:0388"}, {"name": "GLSA-202003-12", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202003-12"}, {"name": "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/09/14/2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-14287", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a \"sudo -u \\#$((0xffffffff))\" command."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20191014 Sudo: CVE-2019-14287", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/10/14/1"}, {"name": "USN-4154-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4154-1/"}, {"name": "DSA-4543", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4543"}, {"name": "20191015 [SECURITY] [DSA 4543-1] sudo security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Oct/21"}, {"name": "20191015 [slackware-security] sudo (SSA:2019-287-01)", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Oct/20"}, {"name": "openSUSE-SU-2019:2316", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html"}, {"name": "http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html"}, {"name": "FEDORA-2019-9cb221f2be", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/"}, {"name": "https://www.sudo.ws/alerts/minus_1_uid.html", "refsource": "CONFIRM", "url": "https://www.sudo.ws/alerts/minus_1_uid.html"}, {"name": "openSUSE-SU-2019:2333", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html"}, {"name": "https://security.netapp.com/advisory/ntap-20191017-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20191017-0003/"}, {"name": "[oss-security] 20191015 Re: Sudo: CVE-2019-14287", "refsource": "MLIST", "url": "https://www.openwall.com/lists/oss-security/2019/10/15/2"}, {"name": "[debian-lts-announce] 20191017 [SECURITY] [DLA 1964-1] sudo security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html"}, {"name": "FEDORA-2019-67998e9f7e", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/"}, {"name": "https://support.f5.com/csp/article/K53746212?utm_source=f5support&utm_medium=RSS", "refsource": "CONFIRM", "url": "https://support.f5.com/csp/article/K53746212?utm_source=f5support&utm_medium=RSS"}, {"name": "[oss-security] 20191023 Membership application for linux-distros - VMware", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"}, {"name": "RHSA-2019:3197", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3197"}, {"name": "RHSA-2019:3205", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3205"}, {"name": "RHSA-2019:3204", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3204"}, {"name": "RHSA-2019:3209", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3209"}, {"name": "RHSA-2019:3219", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3219"}, {"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"}, {"name": "FEDORA-2019-72755db9c7", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/"}, {"name": "RHSA-2019:3278", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3278"}, {"name": "https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287", "refsource": "MISC", "url": "https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287"}, {"name": "RHSA-2019:3694", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3694"}, {"name": "RHSA-2019:3755", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3755"}, {"name": "RHSA-2019:3754", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3754"}, {"name": "RHSA-2019:3895", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3895"}, {"name": "RHSA-2019:3916", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3916"}, {"name": "RHBA-2019:3248", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2019:3248"}, {"name": "RHSA-2019:3941", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:3941"}, {"name": "RHSA-2019:4191", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:4191"}, {"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us"}, {"name": "RHSA-2020:0388", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0388"}, {"name": "GLSA-202003-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202003-12"}, {"name": "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/09/14/2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T00:12:43.383Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20191014 Sudo: CVE-2019-14287", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2019/10/14/1"}, {"name": "USN-4154-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4154-1/"}, {"name": "DSA-4543", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "https://www.debian.org/security/2019/dsa-4543"}, {"name": "20191015 [SECURITY] [DSA 4543-1] sudo security update", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2019/Oct/21"}, {"name": "20191015 [slackware-security] sudo (SSA:2019-287-01)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "https://seclists.org/bugtraq/2019/Oct/20"}, {"name": "openSUSE-SU-2019:2316", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html"}, {"name": "FEDORA-2019-9cb221f2be", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.sudo.ws/alerts/minus_1_uid.html"}, {"name": "openSUSE-SU-2019:2333", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20191017-0003/"}, {"name": "[oss-security] 20191015 Re: Sudo: CVE-2019-14287", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://www.openwall.com/lists/oss-security/2019/10/15/2"}, {"name": "[debian-lts-announce] 20191017 [SECURITY] [DLA 1964-1] sudo security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html"}, {"name": "FEDORA-2019-67998e9f7e", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.f5.com/csp/article/K53746212?utm_source=f5support&amp%3Butm_medium=RSS"}, {"name": "[oss-security] 20191023 Membership application for linux-distros - VMware", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"}, {"name": "RHSA-2019:3197", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3197"}, {"name": "RHSA-2019:3205", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3205"}, {"name": "RHSA-2019:3204", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3204"}, {"name": "RHSA-2019:3209", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3209"}, {"name": "RHSA-2019:3219", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3219"}, {"name": "[oss-security] 20191029 Re: Membership application for linux-distros - VMware", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"}, {"name": "FEDORA-2019-72755db9c7", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/"}, {"name": "RHSA-2019:3278", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3278"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287"}, {"name": "RHSA-2019:3694", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3694"}, {"name": "RHSA-2019:3755", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3755"}, {"name": "RHSA-2019:3754", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3754"}, {"name": "RHSA-2019:3895", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3895"}, {"name": "RHSA-2019:3916", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3916"}, {"name": "RHBA-2019:3248", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHBA-2019:3248"}, {"name": "RHSA-2019:3941", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:3941"}, {"name": "RHSA-2019:4191", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:4191"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us"}, {"name": "RHSA-2020:0388", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2020:0388"}, {"name": "GLSA-202003-12", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202003-12"}, {"name": "[oss-security] 20210914 Re: Oracle Solaris membership in the distros list", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/09/14/2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-14287", "datePublished": "2019-10-17T17:03:28", "dateReserved": "2019-07-27T00:00:00", "dateUpdated": "2024-08-05T00:12:43.383Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sudo_project:sudo:*:*:*:*:*:*:*:*", "matchCriteriaId": "07F52D32-AC76-42B8-B59F-57D5E36010CB", "versionEndExcluding": "1.8.28", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "matchCriteriaId": "D100F7CE-FC64-4CC6-852A-6136D72DA419", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "matchCriteriaId": "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*", "matchCriteriaId": "E902EEC6-9A41-4FBC-8D81-891DF846A5CB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "064E7BDD-4EF0-4A0D-A38D-8C75BAFEDCEF", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:virtualization:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "D8C66E6D-8AD2-4709-BD18-ED9EAF9D8546", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "0CF73560-2F5B-4723-A8A1-9AADBB3ADA00", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "83737173-E12E-4641-BC49-0BD84A6B29D0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "92BC9265-6959-4D37-BE5E-8C45E98992F8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "831F0F47-3565-4763-B16F-C87B1FF2035E", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "0E3F09B5-569F-4C58-9FCA-3C0953D107B5", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "1F3BEFDB-5156-4E1C-80BB-8BE9FEAA7623", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B09ACF2D-D83F-4A86-8185-9569605D8EE1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a \"sudo -u \\#$((0xffffffff))\" command."}, {"lang": "es", "value": "En Sudo anteriores a 1.8.28, un atacante con acceso a una cuenta Runas ALL sudoer puede omitir ciertas listas negras de pol\u00edticas y m\u00f3dulos PAM de sesi\u00f3n, y puede causar un registro incorrecto, mediante la invocaci\u00f3n sudo con un ID de usuario creado. Por ejemplo, esto permite la omisi\u00f3n de la configuraci\u00f3n root y el registro USER= para un comando \"sudo -u \\#$((0xffffffff))\"."}], "id": "CVE-2019-14287", "lastModified": "2023-11-07T03:04:52.657", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-10-17T18:15:12.330", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00042.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00047.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/154853/Slackware-Security-Advisory-sudo-Updates.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/10/14/1"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/10/24/1"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/10/29/3"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2021/09/14/2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHBA-2019:3248"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3197"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3204"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3205"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3209"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3219"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3278"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3694"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3754"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3755"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3895"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3916"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:3941"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:4191"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2020:0388"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00022.html"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IP7SIOAVLSKJGMTIULX52VQUPTVSC43U/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NPLAM57TPJQGKQMNG6RHFBLACD6K356N/"}, {"source": "cve@mitre.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUVAOZBYUHZS56A5FQSCDVGXT7PW7FL2/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://resources.whitesourcesoftware.com/blog-whitesource/new-vulnerability-in-sudo-cve-2019-14287"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2019/Oct/20"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "https://seclists.org/bugtraq/2019/Oct/21"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202003-12"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20191017-0003/"}, {"source": "cve@mitre.org", "url": "https://support.f5.com/csp/article/K53746212?utm_source=f5support&amp%3Butm_medium=RSS"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03976en_us"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4154-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2019/dsa-4543"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2019/10/15/2"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://www.sudo.ws/alerts/minus_1_uid.html"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-755"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank the Sudo project for reporting this issue. Upstream acknowledges Joe Vennix (Apple Information Security) as the original reporter.", "affected_release": [{"advisory": "RHSA-2019:4191", "cpe": "cpe:/o:redhat:rhel_els:5", "package": "sudo-0:1.7.2p1-31.el5_11.1", "product_name": "Red Hat Enterprise Linux 5 Extended Lifecycle Support", "release_date": "2019-12-10T00:00:00Z"}, {"advisory": "RHSA-2019:3755", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "sudo-0:1.8.6p3-29.el6_10.2", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2019-11-06T00:00:00Z"}, {"advisory": "RHSA-2019:3895", "cpe": "cpe:/o:redhat:rhel_aus:6.5", "package": "sudo-0:1.8.6p3-12.el6_5.2", "product_name": "Red Hat Enterprise Linux 6.5 Advanced Update Support", "release_date": "2019-11-18T00:00:00Z"}, {"advisory": "RHSA-2019:3754", "cpe": "cpe:/o:redhat:rhel_aus:6.6", "package": "sudo-0:1.8.6p3-15.el6_6.2", "product_name": "Red Hat Enterprise Linux 6.6 Advanced Update Support", "release_date": "2019-11-06T00:00:00Z"}, {"advisory": "RHSA-2019:3197", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "sudo-0:1.8.23-4.el7_7.1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2019-10-24T00:00:00Z"}, {"advisory": "RHSA-2019:3278", "cpe": "cpe:/o:redhat:rhel_aus:7.2", "package": "sudo-0:1.8.6p7-17.el7_2.2", "product_name": "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date": "2019-10-31T00:00:00Z"}, {"advisory": "RHSA-2019:3278", "cpe": "cpe:/o:redhat:rhel_tus:7.2", "package": "sudo-0:1.8.6p7-17.el7_2.2", "product_name": "Red Hat Enterprise Linux 7.2 Telco Extended Update Support", "release_date": "2019-10-31T00:00:00Z"}, {"advisory": "RHSA-2019:3278", "cpe": "cpe:/o:redhat:rhel_e4s:7.2", "package": "sudo-0:1.8.6p7-17.el7_2.2", "product_name": "Red Hat Enterprise Linux 7.2 Update Services for SAP Solutions", "release_date": "2019-10-31T00:00:00Z"}, {"advisory": "RHSA-2019:3219", "cpe": "cpe:/o:redhat:rhel_aus:7.3", "package": "sudo-0:1.8.6p7-23.el7_3.2", "product_name": "Red Hat Enterprise Linux 7.3 Advanced Update Support", "release_date": "2019-10-29T00:00:00Z"}, {"advisory": "RHSA-2019:3219", "cpe": "cpe:/o:redhat:rhel_tus:7.3", "package": "sudo-0:1.8.6p7-23.el7_3.2", "product_name": "Red Hat Enterprise Linux 7.3 Telco Extended Update Support", "release_date": "2019-10-29T00:00:00Z"}, {"advisory": "RHSA-2019:3219", "cpe": "cpe:/o:redhat:rhel_e4s:7.3", "package": "sudo-0:1.8.6p7-23.el7_3.2", "product_name": "Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions", "release_date": "2019-10-29T00:00:00Z"}, {"advisory": "RHSA-2019:3209", "cpe": "cpe:/o:redhat:rhel_aus:7.4", "package": "sudo-0:1.8.19p2-12.el7_4.1", "product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date": "2019-10-28T00:00:00Z"}, {"advisory": "RHSA-2019:3209", "cpe": "cpe:/o:redhat:rhel_tus:7.4", "package": "sudo-0:1.8.19p2-12.el7_4.1", "product_name": "Red Hat Enterprise Linux 7.4 Telco Extended Update Support", "release_date": "2019-10-28T00:00:00Z"}, {"advisory": "RHSA-2019:3209", "cpe": "cpe:/o:redhat:rhel_e4s:7.4", "package": "sudo-0:1.8.19p2-12.el7_4.1", "product_name": "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions", "release_date": "2019-10-28T00:00:00Z"}, {"advisory": "RHSA-2019:3204", "cpe": "cpe:/o:redhat:rhel_eus:7.5", "package": "sudo-0:1.8.19p2-14.el7_5.1", "product_name": "Red Hat Enterprise Linux 7.5 Extended Update Support", "release_date": "2019-10-24T00:00:00Z"}, {"advisory": "RHSA-2019:3205", "cpe": "cpe:/o:redhat:rhel_eus:7.6", "package": "sudo-0:1.8.23-3.el7_6.1", "product_name": "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date": "2019-10-24T00:00:00Z"}, {"advisory": "RHSA-2019:3694", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "sudo-0:1.8.25p1-8.el8_1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-11-05T00:00:00Z"}, {"advisory": "RHSA-2020:0388", "cpe": "cpe:/o:redhat:rhel_e4s:8.0", "package": "sudo-0:1.8.25p1-4.el8_0.2", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-02-04T00:00:00Z"}, {"advisory": "RHSA-2019:3941", "cpe": "cpe:/a:redhat:openshift:4.1", "package": "machine-os-content-container", "product_name": "Red Hat OpenShift Container Platform 4", "release_date": "2019-11-21T00:00:00Z"}, {"advisory": "RHSA-2019:3916", "cpe": "cpe:/a:redhat:openshift:4.2", "package": "machine-os-content-container", "product_name": "Red Hat OpenShift Container Platform 4", "release_date": "2019-11-19T00:00:00Z"}, {"advisory": "RHBA-2019:3248", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "low", "package": "redhat-release-virtualization-host-0:4.2-15.1.el7", "product_name": "Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2019-10-30T00:00:00Z"}, {"advisory": "RHBA-2019:3248", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "low", "package": "redhat-virtualization-host-0:4.2-20191022.0.el7_6", "product_name": "Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2019-10-30T00:00:00Z"}], "bugzilla": {"description": "sudo: Privilege escalation via 'Runas' specification with 'ALL' keyword", "id": "1760531", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1760531"}, "csaw": true, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-267", "details": ["In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a \"sudo -u \\#$((0xffffffff))\" command.", "A flaw was found in the way sudo implemented running commands with arbitrary user ID. If a sudoers entry is written to allow the attacker to run a command as any user except root, this flaw can be used by the attacker to bypass that restriction."], "mitigation": {"lang": "en:us", "value": "This vulnerability only affects configurations of sudo that have a runas user list that includes an exclusion of root. The most simple example is:\n~~~\nsomeuser ALL=(ALL, !root) /usr/bin/somecommand\n~~~\nThe exclusion is specified using an excalamation mark (!). In this example, the \"root\" user is specified by name. The root user may also be identified in other ways, such as by user id:\n~~~\nsomeuser ALL=(ALL, !#0) /usr/bin/somecommand\n~~~\nor by reference to a runas alias:\n~~~\nRunas_Alias MYGROUP = root, adminuser\nsomeuser ALL=(ALL, !MYGROUP) /usr/bin/somecommand\n~~~\nTo ensure your sudoers configuration is not affected by this vulnerability, we recommend examining each sudoers entry that includes the `!` character in the runas specification, to ensure that the root user is not among the exclusions. These can be found in the /etc/sudoers file or files under /etc/sudoers.d."}, "name": "CVE-2019-14287", "public_date": "2019-10-14T15:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-14287\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-14287\nhttps://www.sudo.ws/alerts/minus_1_uid.html"], "statement": "This flaw only affects specific, non-default configurations of sudo, in which sudoers configuration entry allows a user to run a command as any user except root, for example:\nsomeuser myhost = (ALL, !root) /usr/bin/somecommand\nThis configuration allows user \"someuser\" to run somecommand as any other user except root. However, this flaw also allows someuser to run somecommand as root by specifying the target user using the numeric id of -1. Only the specified command can be run, this flaw does NOT allow user to run other commands that those specified in the sudoers configuration.\nAny other configurations of sudo (including configurations that allow user to run commands as any user including root and configurations that allow user to run command as a specific other user) are NOT affected by this flaw.\nRed Hat Virtualization Hypervisor includes an affected version of sudo, however the default configuration is not vulnerable to this flaw.", "threat_severity": "Important", "upstream_fix": "sudo 1.8.28"}