{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2019-1552", "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "datePublished": "2019-07-30T16:29:24.093372Z", "dateUpdated": "2024-09-16T16:18:01.834Z", "dateReserved": "2018-11-28T00:00:00"}, "containers": {"cna": {"title": "Windows builds with insecure path defaults", "datePublic": "2019-07-30T00:00:00", "providerMetadata": {"orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl", "dateUpdated": "2022-12-13T00:00:00"}, "descriptions": [{"lang": "en", "value": "OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s)."}], "affected": [{"vendor": "OpenSSL", "product": "OpenSSL", "versions": [{"version": "Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c)", "status": "affected"}, {"version": "Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k)", "status": "affected"}, {"version": "Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s)", "status": "affected"}]}], "references": [{"name": "FEDORA-2019-db06efdea1", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"}, {"name": "FEDORA-2019-00c25b9379", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"}, {"name": "FEDORA-2019-9a0a7c0986", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}, {"url": "https://www.tenable.com/security/tns-2019-08"}, {"url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"url": "https://www.tenable.com/security/tns-2019-09"}, {"url": "https://www.openssl.org/news/secadv/20190730.txt"}, {"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=54aa9d51b09d67e90db443f682cface795f5af9e"}, {"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e32bc855a81a2d48d215c506bdeb4f598045f7e9"}, {"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=b15a19c148384e73338aa7c5b12652138e35ed28"}, {"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=d333ebaf9c77332754a9d5e111e2f53e1de54fdd"}, {"url": "https://security.netapp.com/advisory/ntap-20190823-0006/"}, {"url": "https://support.f5.com/csp/article/K94041354"}, {"url": "https://support.f5.com/csp/article/K94041354?utm_source=f5support&amp%3Butm_medium=RSS"}, {"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"name": "VU#429301", "tags": ["third-party-advisory"], "url": "https://www.kb.cert.org/vuls/id/429301"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"}], "credits": [{"lang": "en", "value": "Rich Mirch"}], "metrics": [{"other": {"type": "unknown", "content": {"lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#Low", "value": "Low"}}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Insecure defaults"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:20:27.621Z"}, "title": "CVE Program Container", "references": [{"name": "FEDORA-2019-db06efdea1", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"}, {"name": "FEDORA-2019-00c25b9379", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"}, {"name": "FEDORA-2019-9a0a7c0986", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2020.html", "tags": ["x_transferred"]}, {"url": "https://www.oracle.com/security-alerts/cpujul2020.html", "tags": ["x_transferred"]}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "tags": ["x_transferred"]}, {"url": "https://www.tenable.com/security/tns-2019-08", "tags": ["x_transferred"]}, {"url": "https://www.oracle.com/security-alerts/cpujan2020.html", "tags": ["x_transferred"]}, {"url": "https://www.tenable.com/security/tns-2019-09", "tags": ["x_transferred"]}, {"url": "https://www.openssl.org/news/secadv/20190730.txt", "tags": ["x_transferred"]}, {"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=54aa9d51b09d67e90db443f682cface795f5af9e", "tags": ["x_transferred"]}, {"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e32bc855a81a2d48d215c506bdeb4f598045f7e9", "tags": ["x_transferred"]}, {"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=b15a19c148384e73338aa7c5b12652138e35ed28", "tags": ["x_transferred"]}, {"url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=d333ebaf9c77332754a9d5e111e2f53e1de54fdd", "tags": ["x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20190823-0006/", "tags": ["x_transferred"]}, {"url": "https://support.f5.com/csp/article/K94041354", "tags": ["x_transferred"]}, {"url": "https://support.f5.com/csp/article/K94041354?utm_source=f5support&amp%3Butm_medium=RSS", "tags": ["x_transferred"]}, {"url": "https://www.oracle.com/security-alerts/cpuoct2020.html", "tags": ["x_transferred"]}, {"name": "VU#429301", "tags": ["third-party-advisory", "x_transferred"], "url": "https://www.kb.cert.org/vuls/id/429301"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365", "tags": ["x_transferred"]}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "matchCriteriaId": "0DAC8B94-3674-4E4B-9BB0-A16CA0197885", "versionEndIncluding": "1.0.2s", "versionStartIncluding": "1.0.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "matchCriteriaId": "65728FC6-4B4F-4D43-872B-BE1133BB2281", "versionEndIncluding": "1.1.0k", "versionStartIncluding": "1.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "matchCriteriaId": "A2ACA227-3992-478E-85C3-023D8AF88A08", "versionEndIncluding": "1.1.1c", "versionStartIncluding": "1.1.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s)."}, {"lang": "es", "value": "OpenSSL presenta valores predeterminados internos para un \u00e1rbol de directorios donde puede encontrar un archivo de configuraci\u00f3n, as\u00ed como certificados utilizados para la comprobaci\u00f3n en TLS. Este directorio se conoce m\u00e1s com\u00fanmente como OPENSSLDIR, y se puede configurar con las opciones de configuraci\u00f3n --prefix / --openssldir. Para las versiones 1.1.0 y 1.1.1 de OpenSSL, los destinos de configuraci\u00f3n de mingw suponen que los programas y bibliotecas resultantes est\u00e1n instalados en un entorno similar a Unix y el prefijo predeterminado para la instalaci\u00f3n del programa, as\u00ed como para OPENSSLDIR debe ser \u201c/usr/ local\u201d. Sin embargo, los programas mingw son programas de Windows, y como tal, se encuentran buscando subdirectorios de \u201cC:/usr/local\u201d, que pueden ser grabables world, lo que permite a los usuarios no confiables modificar la configuraci\u00f3n predeterminada de OpenSSL, insertar certificados de CA, modificar (o incluso reemplazar) los m\u00f3dulos de motor existentes, etc. Para OpenSSL versi\u00f3n 1.0.2, \u201c/usr/local/ssl\u201d se utiliza de por defecto para OPENSSLDIR en todos los Unix y Windows de destino, incluidas las compilaciones de Visual C. Sin embargo, algunas instrucciones de compilaci\u00f3n para los diversos Windows de destino en la versi\u00f3n 1.0.2 le incentivan a especificar su propio --prefix. Las versiones 1.1.1, 1.1.0 y 1.0.2 de OpenSSL est\u00e1n afectadas por este problema. Debido al alcance limitado de las implementaciones afectadas, esto se ha evaluado como de baja gravedad y, por lo tanto, no estamos creando nuevas versiones en este momento. Corregido en OpenSSL versi\u00f3n 1.1.1d (versiones afectadas 1.1.1 hasta 1.1.1c). Corregido en OpenSSL versi\u00f3n 1.1.0l (versiones afectadas 1.1.0 hasta 1.1.0k). Corregido en OpenSSL versi\u00f3n 1.0.2t (versiones afectadas 1.0.2 hasta 1.0.2s)."}], "id": "CVE-2019-1552", "lastModified": "2023-11-07T03:08:29.123", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-07-30T17:15:12.780", "references": [{"source": "openssl-security@openssl.org", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"}, {"source": "openssl-security@openssl.org", "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=54aa9d51b09d67e90db443f682cface795f5af9e"}, {"source": "openssl-security@openssl.org", "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=b15a19c148384e73338aa7c5b12652138e35ed28"}, {"source": "openssl-security@openssl.org", "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=d333ebaf9c77332754a9d5e111e2f53e1de54fdd"}, {"source": "openssl-security@openssl.org", "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e32bc855a81a2d48d215c506bdeb4f598045f7e9"}, {"source": "openssl-security@openssl.org", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10365"}, {"source": "openssl-security@openssl.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/"}, {"source": "openssl-security@openssl.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/"}, {"source": "openssl-security@openssl.org", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/"}, {"source": "openssl-security@openssl.org", "url": "https://security.netapp.com/advisory/ntap-20190823-0006/"}, {"source": "openssl-security@openssl.org", "url": "https://support.f5.com/csp/article/K94041354"}, {"source": "openssl-security@openssl.org", "url": "https://support.f5.com/csp/article/K94041354?utm_source=f5support&amp%3Butm_medium=RSS"}, {"source": "openssl-security@openssl.org", "url": "https://www.kb.cert.org/vuls/id/429301"}, {"source": "openssl-security@openssl.org", "tags": ["Vendor Advisory"], "url": "https://www.openssl.org/news/secadv/20190730.txt"}, {"source": "openssl-security@openssl.org", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"source": "openssl-security@openssl.org", "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"source": "openssl-security@openssl.org", "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"source": "openssl-security@openssl.org", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"source": "openssl-security@openssl.org", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}, {"source": "openssl-security@openssl.org", "url": "https://www.tenable.com/security/tns-2019-08"}, {"source": "openssl-security@openssl.org", "url": "https://www.tenable.com/security/tns-2019-09"}], "sourceIdentifier": "openssl-security@openssl.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-295"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "openssl: Insecure path defaults vulnerability in mingw builds", "id": "1745637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1745637"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.6", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "status": "draft"}, "details": ["OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s)."], "name": "CVE-2019-1552", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "openssl", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "openssl", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "openssl", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "openssl", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:jboss_core_services:1", "fix_state": "Not affected", "package_name": "openssl", "product_name": "Red Hat JBoss Core Services"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5", "fix_state": "Not affected", "package_name": "openssl", "product_name": "Red Hat JBoss Enterprise Application Platform 5"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Not affected", "package_name": "openssl", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2", "fix_state": "Not affected", "package_name": "openssl", "product_name": "Red Hat JBoss Enterprise Web Server 2"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3", "fix_state": "Not affected", "package_name": "openssl", "product_name": "Red Hat JBoss Web Server 3"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:5", "fix_state": "Not affected", "package_name": "openssl", "product_name": "Red Hat JBoss Web Server 5"}], "public_date": "2019-07-30T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-1552\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-1552\nhttps://www.openssl.org/news/secadv/20190730.txt"], "statement": "This issue only affects mingw-openssl builds, which are not shipped with any version of Red Hat Enterprise Linux.", "threat_severity": "Low", "upstream_fix": "OpenSSL 1.1.1d, OpenSSL 1.1.0l, OpenSSL 1.0.2t"}