{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-49582", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2023-11-27T18:07:52.860Z", "datePublished": "2024-08-26T14:03:44.588Z", "dateUpdated": "2025-03-13T14:25:56.517Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache Portable Runtime (APR)", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "1.7.4", "status": "affected", "version": "0.9.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Thomas Stangner"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. <br><br>This issue does not affect non-Unix platforms, or builds with&nbsp;APR_USE_SHMEM_SHMGET=1 (apr.h)<br><br>Users are recommended to upgrade to APR version 1.7.5, which fixes this issue."}], "value": "Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. \n\nThis issue does not affect non-Unix platforms, or builds with\u00a0APR_USE_SHMEM_SHMGET=1 (apr.h)\n\nUsers are recommended to upgrade to APR version 1.7.5, which fixes this issue."}], "metrics": [{"other": {"content": {"text": "moderate"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-08-26T14:03:44.588Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://lists.apache.org/thread/sntjc04t1rvjhdzz2tzmtz2zdnmv7dc4"}], "source": {"discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2023-02-08T22:06:00.000Z", "value": "Discussion on public mailing list https://lists.apache.org/thread/h5f1c2dqm8bf5yfosw3rg85927p612l0"}, {"lang": "en", "time": "2023-11-15T16:21:00.000Z", "value": "Reported to security team"}, {"lang": "en", "time": "2024-08-20T17:40:00.000Z", "value": "fixed by r1920083 in 1.7.x. r1920062 is encouraged for functional reasons."}], "title": "Apache Portable Runtime (APR): Unexpected lax shared memory permissions", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-26T17:39:05.591843Z", "id": "CVE-2023-49582", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-13T14:25:56.517Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/08/26/1"}, {"url": "https://security.netapp.com/advisory/ntap-20241101-0004/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-11-01T17:03:02.892Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/08/26/1"}, {"url": "https://security.netapp.com/advisory/ntap-20241101-0004/"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-11-01T17:03:02.892Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-49582", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-26T17:39:05.591843Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-26T17:39:12.329Z"}}], "cna": {"title": "Apache Portable Runtime (APR): Unexpected lax shared memory permissions", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "Thomas Stangner"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "moderate"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Portable Runtime (APR)", "versions": [{"status": "affected", "version": "0.9.0", "versionType": "semver", "lessThanOrEqual": "1.7.4"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2023-02-08T22:06:00.000Z", "value": "Discussion on public mailing list https://lists.apache.org/thread/h5f1c2dqm8bf5yfosw3rg85927p612l0"}, {"lang": "en", "time": "2023-11-15T16:21:00.000Z", "value": "Reported to security team"}, {"lang": "en", "time": "2024-08-20T17:40:00.000Z", "value": "fixed by r1920083 in 1.7.x. r1920062 is encouraged for functional reasons."}], "references": [{"url": "https://lists.apache.org/thread/sntjc04t1rvjhdzz2tzmtz2zdnmv7dc4", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. \n\nThis issue does not affect non-Unix platforms, or builds with\u00a0APR_USE_SHMEM_SHMGET=1 (apr.h)\n\nUsers are recommended to upgrade to APR version 1.7.5, which fixes this issue.", "supportingMedia": [{"type": "text/html", "value": "Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. <br><br>This issue does not affect non-Unix platforms, or builds with&nbsp;APR_USE_SHMEM_SHMGET=1 (apr.h)<br><br>Users are recommended to upgrade to APR version 1.7.5, which fixes this issue.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-732", "description": "CWE-732 Incorrect Permission Assignment for Critical Resource"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-08-26T14:03:44.588Z"}}}, "cveMetadata": {"cveId": "CVE-2023-49582", "state": "PUBLISHED", "dateUpdated": "2025-03-13T14:25:56.517Z", "dateReserved": "2023-11-27T18:07:52.860Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2024-08-26T14:03:44.588Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:portable_runtime:*:*:*:*:*:*:*:*", "matchCriteriaId": "CD6DB048-3EE7-4014-80B7-B6935B2B5661", "versionEndExcluding": "1.7.5", "versionStartIncluding": "0.9.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. \n\nThis issue does not affect non-Unix platforms, or builds with\u00a0APR_USE_SHMEM_SHMGET=1 (apr.h)\n\nUsers are recommended to upgrade to APR version 1.7.5, which fixes this issue."}, {"lang": "es", "value": "Los permisos laxos establecidos por la librer\u00eda Apache Portable Runtime en plataformas Unix permitir\u00edan a los usuarios locales acceso de lectura a segmentos de memoria compartida con nombre, lo que podr\u00eda revelar datos confidenciales de la aplicaci\u00f3n. Este problema no afecta a plataformas que no son Unix ni a compilaciones con APR_USE_SHMEM_SHMGET=1 (apr.h). Se recomienda a los usuarios actualizar a la versi\u00f3n 1.7.5 de APR, que soluciona este problema."}], "id": "CVE-2023-49582", "lastModified": "2025-03-13T15:15:39.267", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-08-26T14:15:07.050", "references": [{"source": "security@apache.org", "tags": ["Mailing List"], "url": "https://lists.apache.org/thread/sntjc04t1rvjhdzz2tzmtz2zdnmv7dc4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2024/08/26/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.netapp.com/advisory/ntap-20241101-0004/"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-732"}], "source": "security@apache.org", "type": "Secondary"}]}

{"bugzilla": {"description": "APR: Lax permissions in Apache Portable Runtime shared memory", "id": "2307913", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307913"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-732", "details": ["Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. \nThis issue does not affect non-Unix platforms, or builds with\u00a0APR_USE_SHMEM_SHMGET=1 (apr.h)\nUsers are recommended to upgrade to APR version 1.7.5, which fixes this issue.", "A flaw was found in the Apache Portable Runtime (APR) library. This issue allows local users to read named shared memory segments due to incorrect permissions, potentially revealing sensitive application data."], "name": "CVE-2023-49582", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "apr", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "apr", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "apr", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "apr", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_core_services:1", "fix_state": "Not affected", "package_name": "jbcs-httpd24-apr", "product_name": "Red Hat JBoss Core Services"}], "public_date": "2024-08-26T14:15:07Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-49582\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-49582\nhttps://lists.apache.org/thread/sntjc04t1rvjhdzz2tzmtz2zdnmv7dc4"], "statement": "This issue does not affect non-Unix platforms or builds with APR_USE_SHMEM_SHMGET=1, which use the method based on SysV IPC shmget function (rather than builds with APR_USE_SHMEM_MMAP_SHM=1, which use the method based on POSIX shm_open function).\nThe APR library as shipped in Red Hat Enterprise Linux 6, 7, 8, 9 and in Red Hat JBoss Core Services is not affected by this issue because they use the method based on SysV IPC shmget function as explained above.", "threat_severity": "Moderate"}