{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2019-3804", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2024-08-04T19:19:18.489Z", "dateReserved": "2019-01-03T00:00:00", "datePublished": "2019-03-26T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2022-10-07T00:00:00"}, "descriptions": [{"lang": "en", "value": "It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash."}], "affected": [{"vendor": "[UNKNOWN]", "product": "cockpit", "versions": [{"version": "184", "status": "affected"}]}], "references": [{"name": "RHSA-2019:1569", "tags": ["vendor-advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1569"}, {"name": "RHSA-2019:1571", "tags": ["vendor-advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1571"}, {"url": "https://github.com/cockpit-project/cockpit/pull/10819"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3804"}, {"url": "https://github.com/cockpit-project/cockpit/commit/c51f6177576d7e12"}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-909", "cweId": "CWE-909"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T19:19:18.489Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2019:1569", "tags": ["vendor-advisory", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1569"}, {"name": "RHSA-2019:1571", "tags": ["vendor-advisory", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1571"}, {"url": "https://github.com/cockpit-project/cockpit/pull/10819", "tags": ["x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3804", "tags": ["x_transferred"]}, {"url": "https://github.com/cockpit-project/cockpit/commit/c51f6177576d7e12", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cockpit-project:cockpit:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2CEED97-8131-48FF-A4FC-3A13FFC37788", "versionEndExcluding": "184", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3FEADDA-2AEE-4F65-9401-971B585664A8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash."}, {"lang": "es", "value": "Se ha detectado que cockpit, en versiones anteriores a la 184, empleaba incorrectamente la funcionalidad de descodificaci\u00f3n de base64 de glib, lo que resultaba en un ataque de denegaci\u00f3n de servicio (DoS). Un atacante no autenticado podr\u00eda enviar una petici\u00f3n especialmente manipulada con una cookie no v\u00e1lida codificada en base64, lo que podr\u00eda provocar el cierre inesperado del servicio web."}], "id": "CVE-2019-3804", "lastModified": "2022-11-07T19:03:02.597", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-03-26T18:29:00.543", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1569"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1571"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3804"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/cockpit-project/cockpit/commit/c51f6177576d7e12"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://github.com/cockpit-project/cockpit/pull/10819"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-909"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-909"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2019:0482", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "cockpit-0:173.2-1.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2019-03-13T00:00:00Z"}, {"advisory": "RHSA-2019:1569", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "redhat-release-virtualization-host-0:4.3-0.8.el7", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2019-06-20T00:00:00Z"}, {"advisory": "RHSA-2019:1569", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "redhat-virtualization-host-0:4.3-20190610.0.el7_6", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2019-06-20T00:00:00Z"}, {"advisory": "RHSA-2019:1571", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "rhvm-appliance-0:4.3-20190605.0.el7", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2019-06-20T00:00:00Z"}], "bugzilla": {"description": "cockpit: Crash when parsing invalid base64 headers", "id": "1663567", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663567"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-909", "details": ["It was found that cockpit before version 184 used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash.", "It was found that cockpit used glib's base64 decode functionality incorrectly resulting in a denial of service attack. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash."], "name": "CVE-2019-3804", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "cockpit", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/a:redhat:openshift:3.10", "fix_state": "Not affected", "package_name": "cockpit", "product_name": "Red Hat OpenShift Container Platform 3.10"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Not affected", "package_name": "cockpit", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:3.4", "fix_state": "Not affected", "package_name": "cockpit", "product_name": "Red Hat OpenShift Container Platform 3.4"}, {"cpe": "cpe:/a:redhat:openshift:3.5", "fix_state": "Not affected", "package_name": "cockpit", "product_name": "Red Hat OpenShift Container Platform 3.5"}, {"cpe": "cpe:/a:redhat:openshift:3.6", "fix_state": "Not affected", "package_name": "cockpit", "product_name": "Red Hat OpenShift Container Platform 3.6"}, {"cpe": "cpe:/a:redhat:openshift:3.7", "fix_state": "Not affected", "package_name": "cockpit", "product_name": "Red Hat OpenShift Container Platform 3.7"}, {"cpe": "cpe:/a:redhat:openshift:3.9", "fix_state": "Not affected", "package_name": "cockpit", "product_name": "Red Hat OpenShift Container Platform 3.9"}], "public_date": "2018-12-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-3804\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-3804\nhttps://github.com/cockpit-project/cockpit/pull/10819"], "statement": "Red Hat Enterprise Linux (RHEL) ships binary packages built from the cockpit source RPM, which was affected by this flaw and subsequently updated to address the issue.\nAll OpenShift Container Platform (OCP) versions to date ship with an image that contains a cockpit-kubernetes RPM, built separately from the same cockpit SRPM. The cockpit-kubernetes RPM is not affected by this vulnerability as it does not contain the affected code, thus OCP is also marked \"not affected\". Updates for all other cockpit RPMs should be applied from the appropriate RHEL channels.", "threat_severity": "Moderate", "upstream_fix": "cockpit 184"}