{"containers": {"cna": {"affected": [{"product": "ksh", "vendor": "KornShell", "versions": [{"status": "affected", "version": "20120801"}]}], "descriptions": [{"lang": "en", "value": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-07-20T23:06:17", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/kb/HT211170"}, {"name": "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2020/May/53"}, {"name": "[debian-lts-announce] 20200720 [SECURITY] [DLA 2284-1] ksh security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T00:26:39.141Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.apple.com/kb/HT211170"}, {"name": "20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2020/May/53"}, {"name": "[debian-lts-announce] 20200720 [SECURITY] [DLA 2284-1] ksh security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2019-14868", "datePublished": "2020-04-02T16:48:57", "dateReserved": "2019-08-10T00:00:00", "dateUpdated": "2024-08-05T00:26:39.141Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ksh_project:ksh:20120801:*:*:*:*:*:*:*", "matchCriteriaId": "C453FD9C-7375-4E2E-84AD-ABC3CC786153", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "99973242-A249-4C34-B042-5F833AE73708", "versionEndExcluding": "10.15.5", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely."}, {"lang": "es", "value": "En ksh versi\u00f3n 20120801, se detect\u00f3 un fallo en la manera que eval\u00faa determinadas variables de entorno. Un atacante podr\u00eda usar este fallo para anular u omitir unas restricciones del entorno para ejecutar comandos de shell. Los servicios y las aplicaciones permiten a atacantes remotos no autenticados proporcionar una de esas variables de entorno que podr\u00edan permitirles explotar este problema remotamente."}], "id": "CVE-2019-14868", "lastModified": "2024-11-21T04:27:32.553", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 5.9, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-02T17:15:13.990", "references": [{"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2020/May/53"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT211170"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2020/May/53"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14868"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00015.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://support.apple.com/kb/HT211170"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2020:0515", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "ksh-0:20120801-38.el6_10", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2020-02-17T00:00:00Z"}, {"advisory": "RHSA-2020:0568", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "ksh-0:20120801-140.el7_7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2020-02-24T00:00:00Z"}, {"advisory": "RHSA-2020:5352", "cpe": "cpe:/o:redhat:rhel_aus:7.2", "package": "ksh-0:20120801-26.el7_2", "product_name": "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date": "2020-12-07T00:00:00Z"}, {"advisory": "RHSA-2020:5351", "cpe": "cpe:/o:redhat:rhel_aus:7.3", "package": "ksh-0:20120801-27.el7_3", "product_name": "Red Hat Enterprise Linux 7.3 Advanced Update Support", "release_date": "2020-12-07T00:00:00Z"}, {"advisory": "RHSA-2020:2210", "cpe": "cpe:/o:redhat:rhel_aus:7.4", "package": "ksh-0:20120801-36.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date": "2020-05-19T00:00:00Z"}, {"advisory": "RHSA-2020:2210", "cpe": "cpe:/o:redhat:rhel_tus:7.4", "package": "ksh-0:20120801-36.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Telco Extended Update Support", "release_date": "2020-05-19T00:00:00Z"}, {"advisory": "RHSA-2020:2210", "cpe": "cpe:/o:redhat:rhel_e4s:7.4", "package": "ksh-0:20120801-36.el7_4", "product_name": "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions", "release_date": "2020-05-19T00:00:00Z"}, {"advisory": "RHSA-2020:1332", "cpe": "cpe:/o:redhat:rhel_eus:7.5", "package": "ksh-0:20120801-138.el7_5", "product_name": "Red Hat Enterprise Linux 7.5 Extended Update Support", "release_date": "2020-04-06T00:00:00Z"}, {"advisory": "RHSA-2020:1333", "cpe": "cpe:/o:redhat:rhel_eus:7.6", "package": "ksh-0:20120801-140.el7_6", "product_name": "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date": "2020-04-06T00:00:00Z"}, {"advisory": "RHSA-2020:0559", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "ksh-0:20120801-253.el8_1", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-02-20T00:00:00Z"}, {"advisory": "RHSA-2020:0431", "cpe": "cpe:/a:redhat:rhel_e4s:8.0", "package": "ksh-0:20120801-253.el8_0", "product_name": "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date": "2020-02-05T00:00:00Z"}], "bugzilla": {"description": "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", "id": "1757324", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757324"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.4", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-77", "details": ["In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely."], "mitigation": {"lang": "en:us", "value": "No known mitigation available."}, "name": "CVE-2019-14868", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Out of support scope", "package_name": "ksh", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2019-12-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-14868\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-14868"], "threat_severity": "Important"}