CVE-2019-7628 - OpenCVE

Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these e-mails and gain access to Pagure on behalf of other users. This issue is found in the API token expiration reminder cron job in files/api_key_expire_mail.py; disabling that job is also a viable solution. (E-mailing a substring of the API key was an attempted, but rejected, solution.)

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Pagure

Configuration 1 [-]

cpe:2.3:a:redhat:pagure:5.2:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://pagure.io/pagure/c/9905fb1e64341822366b6ab1d414d2baa230af0a
https://pagure.io/pagure/issue/4230
https://pagure.io/pagure/issue/4252
https://pagure.io/pagure/issue/4253
https://pagure.io/pagure/pull-request/4254

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-02-08T03:00:00

Updated: 2024-08-04T20:54:27.895Z

Reserved: 2019-02-07T00:00:00

Link: CVE-2019-7628

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2019-02-08T03:29:00.327

Modified: 2019-02-21T14:23:30.150

Link: CVE-2019-7628

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2019-02-07T00:00:00", "descriptions": [{"lang": "en", "value": "Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these e-mails and gain access to Pagure on behalf of other users. This issue is found in the API token expiration reminder cron job in files/api_key_expire_mail.py; disabling that job is also a viable solution. (E-mailing a substring of the API key was an attempted, but rejected, solution.)"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-02-08T03:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://pagure.io/pagure/c/9905fb1e64341822366b6ab1d414d2baa230af0a"}, {"tags": ["x_refsource_MISC"], "url": "https://pagure.io/pagure/pull-request/4254"}, {"tags": ["x_refsource_MISC"], "url": "https://pagure.io/pagure/issue/4230"}, {"tags": ["x_refsource_MISC"], "url": "https://pagure.io/pagure/issue/4252"}, {"tags": ["x_refsource_MISC"], "url": "https://pagure.io/pagure/issue/4253"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-7628", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these e-mails and gain access to Pagure on behalf of other users. This issue is found in the API token expiration reminder cron job in files/api_key_expire_mail.py; disabling that job is also a viable solution. (E-mailing a substring of the API key was an attempted, but rejected, solution.)"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://pagure.io/pagure/c/9905fb1e64341822366b6ab1d414d2baa230af0a", "refsource": "MISC", "url": "https://pagure.io/pagure/c/9905fb1e64341822366b6ab1d414d2baa230af0a"}, {"name": "https://pagure.io/pagure/pull-request/4254", "refsource": "MISC", "url": "https://pagure.io/pagure/pull-request/4254"}, {"name": "https://pagure.io/pagure/issue/4230", "refsource": "MISC", "url": "https://pagure.io/pagure/issue/4230"}, {"name": "https://pagure.io/pagure/issue/4252", "refsource": "MISC", "url": "https://pagure.io/pagure/issue/4252"}, {"name": "https://pagure.io/pagure/issue/4253", "refsource": "MISC", "url": "https://pagure.io/pagure/issue/4253"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T20:54:27.895Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pagure.io/pagure/c/9905fb1e64341822366b6ab1d414d2baa230af0a"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pagure.io/pagure/pull-request/4254"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pagure.io/pagure/issue/4230"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pagure.io/pagure/issue/4252"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://pagure.io/pagure/issue/4253"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-7628", "datePublished": "2019-02-08T03:00:00", "dateReserved": "2019-02-07T00:00:00", "dateUpdated": "2024-08-04T20:54:27.895Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:pagure:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "FD4F1B26-C35A-402F-AB2A-5368F7EA98B4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these e-mails and gain access to Pagure on behalf of other users. This issue is found in the API token expiration reminder cron job in files/api_key_expire_mail.py; disabling that job is also a viable solution. (E-mailing a substring of the API key was an attempted, but rejected, solution.)"}, {"lang": "es", "value": "Pagure 5.2 filtra las claves API envi\u00e1ndoselas a los usuarios por correo electr\u00f3nico. Pocos servidores de correo electr\u00f3nico validan certificados TLS, por lo que es f\u00e1cil para un atacante Man-in-the-Middle (MitM) leer dichos correos y obtener acceso a Pagure en nombre de otros usuarios. Este problema se encuentra en el cron job del recordatorio de expiraci\u00f3n del token de la API en files/api_key_expire_mail.py; deshabilitar dicho job es tambi\u00e9n una posible soluci\u00f3n. (Se intent\u00f3 enviar una subcadena de la clave API, pero no fue una soluci\u00f3n v\u00e1lida)."}], "id": "CVE-2019-7628", "lastModified": "2019-02-21T14:23:30.150", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-02-08T03:29:00.327", "references": [{"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://pagure.io/pagure/c/9905fb1e64341822366b6ab1d414d2baa230af0a"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://pagure.io/pagure/issue/4230"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://pagure.io/pagure/issue/4252"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://pagure.io/pagure/issue/4253"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://pagure.io/pagure/pull-request/4254"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}