CVE-2019-3692 - OpenCVE

The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Opensuse	Backports Sle Factory Leap
Suse	Inn Linux Enterprise Server

Configuration 1 [-]

AND

cpe:2.3:a:suse:inn:*:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:a:suse:inn:*:*:*:*:*:*:*:*

cpe:2.3:a:opensuse:factory:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:a:suse:inn:*:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

Configuration 4 [-]

OR	cpe:2.3:a:opensuse:backports_sle:15.0:sp1::::::
	cpe:2.3:o:opensuse:leap:15.1:::::::*

No data.

References

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00028.html
https://bugzilla.suse.com/show_bug.cgi?id=1154302

History

No history.

MITRE

Status: PUBLISHED

Assigner: suse

Published: 2020-01-24T08:50:12.217219Z

Updated: 2024-09-16T20:51:57.334Z

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-3692

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-01-24T09:15:13.203

Modified: 2022-11-16T03:05:17.800

Link: CVE-2019-3692

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "SUSE Linux Enterprise Server 11", "vendor": "SUSE", "versions": [{"lessThanOrEqual": "2.4.2-170.21.3.1", "status": "affected", "version": "inn", "versionType": "custom"}]}, {"product": "Factory", "vendor": "openSUSE", "versions": [{"lessThanOrEqual": "2.6.2-2.2", "status": "affected", "version": "inn", "versionType": "custom"}]}, {"product": "Leap 15.1", "vendor": "openSUSE", "versions": [{"lessThanOrEqual": "2.5.4-lp151.2.47", "status": "affected", "version": "inn", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Johannes Segitz of SUSE"}], "datePublic": "2020-01-24T00:00:00", "descriptions": [{"lang": "en", "value": "The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-59", "description": "CWE-59: Improper Link Resolution Before File Access ('Link Following')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-11-20T15:45:08", "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse"}, "references": [{"name": "openSUSE-SU-2020:0234", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00027.html"}, {"name": "openSUSE-SU-2020:0242", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00028.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1154302"}], "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1154302", "defect": ["1154302"], "discovery": "INTERNAL"}, "title": "Local privilege escalation from user news to root in the packaging of inn", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2020-01-24T00:00:00.000Z", "ID": "CVE-2019-3692", "STATE": "PUBLIC", "TITLE": "Local privilege escalation from user news to root in the packaging of inn"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "SUSE Linux Enterprise Server 11", "version": {"version_data": [{"version_affected": "<=", "version_name": "inn", "version_value": "2.4.2-170.21.3.1"}]}}]}, "vendor_name": "SUSE"}, {"product": {"product_data": [{"product_name": "Factory", "version": {"version_data": [{"version_affected": "<=", "version_name": "inn", "version_value": "2.6.2-2.2"}]}}, {"product_name": "Leap 15.1", "version": {"version_data": [{"version_affected": "<=", "version_name": "inn", "version_value": "2.5.4-lp151.2.47"}]}}]}, "vendor_name": "openSUSE"}]}}, "credit": [{"lang": "eng", "value": "Johannes Segitz of SUSE"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-59: Improper Link Resolution Before File Access ('Link Following')"}]}]}, "references": {"reference_data": [{"name": "openSUSE-SU-2020:0234", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00027.html"}, {"name": "openSUSE-SU-2020:0242", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00028.html"}, {"name": "https://bugzilla.suse.com/show_bug.cgi?id=1154302", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1154302"}]}, "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1154302", "defect": ["1154302"], "discovery": "INTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T19:19:17.781Z"}, "title": "CVE Program Container", "references": [{"name": "openSUSE-SU-2020:0234", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00027.html"}, {"name": "openSUSE-SU-2020:0242", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00028.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1154302"}]}]}, "cveMetadata": {"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "assignerShortName": "suse", "cveId": "CVE-2019-3692", "datePublished": "2020-01-24T08:50:12.217219Z", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2024-09-16T20:51:57.334Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:suse:inn:*:*:*:*:*:*:*:*", "matchCriteriaId": "181A7096-BBD6-44C8-8D9E-6F941D410D44", "versionEndIncluding": "2.4.2-170.21.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*", "matchCriteriaId": "F13F07CC-739B-465C-9184-0E9D708BD4C7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:suse:inn:*:*:*:*:*:*:*:*", "matchCriteriaId": "868A4550-1844-4DEE-8EA9-3A0EC6E6C26D", "versionEndIncluding": "2.6.2-2.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:factory:-:*:*:*:*:*:*:*", "matchCriteriaId": "E29492E1-43D8-43BF-94E3-26A762A66FAA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:suse:inn:*:*:*:*:*:*:*:*", "matchCriteriaId": "2862580A-E7D3-4B8E-A799-5B46EA7D6722", "versionEndIncluding": "2.5.4-lp151.2.47", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions."}, {"lang": "es", "value": "El empaquetado de inn en SUSE Linux Enterprise Server versi\u00f3n 11; openSUSE Factory, Leap versi\u00f3n 15.1, permite a atacantes locales escalar desde un usuario inn a root, mediante ataques de tipo symlink. Este problema afecta a: inn versi\u00f3n 2.4.2-170.21.3.1 y versiones anteriores, de SUSE Linux Enterprise Server versi\u00f3n 11. inn versi\u00f3n 2.6.2-2.2 y versiones anteriores, de openSUSE Factory . inn versi\u00f3n 2.5.4-lp151.2.47 y versiones anteriores de openSUSE Leap versi\u00f3n 15.1."}], "id": "CVE-2019-3692", "lastModified": "2022-11-16T03:05:17.800", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.2, "source": "meissner@suse.de", "type": "Secondary"}]}, "published": "2020-01-24T09:15:13.203", "references": [{"source": "meissner@suse.de", "tags": ["Broken Link", "Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00027.html"}, {"source": "meissner@suse.de", "tags": ["Broken Link", "Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00028.html"}, {"source": "meissner@suse.de", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1154302"}], "sourceIdentifier": "meissner@suse.de", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-59"}], "source": "meissner@suse.de", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-59"}], "source": "nvd@nist.gov", "type": "Secondary"}]}