Vulnerability-Lookup

BDU:2020-00857

Vulnerability from fstec - Published: 19.12.2019

Title

Уязвимость учетной записи sudoer в файле Runas ALL программы системного администрирования Sudo, позволяющая нарушителю выдать себя за несуществующего пользователя

Description

Уязвимость учетной записи sudoer в файле Runas ALL программы системного администрирования Sudo связана с неправильным контролем доступа. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выдать себя за несуществующего пользователя

Severity ?


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Vendor

Red Hat Inc., ООО «РусБИТех-Астра», Novell Inc., Todd C. Miller

Software Name

Red Hat Enterprise Linux, Astra Linux Special Edition (запись в едином реестре российских программ №369), SUSE Linux Enterprise, SUSE CaaS Platform, Sudo

Software Version

5 (Red Hat Enterprise Linux), 6 (Red Hat Enterprise Linux), 7 (Red Hat Enterprise Linux), 1.6 «Смоленск» (Astra Linux Special Edition), High Performance Computing 12 (SUSE Linux Enterprise), Server for SAP Applications 12 SP4 (SUSE Linux Enterprise), 8 (Red Hat Enterprise Linux), Server for SAP Applications 12 SP5 (SUSE Linux Enterprise), 3.0 (SUSE CaaS Platform), Module for Basesystem 15 SP1 (SUSE Linux Enterprise), SDK 12 SP4 (SUSE Linux Enterprise), SDK 12 SP5 (SUSE Linux Enterprise), до 1.8.29 включительно (Sudo), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition)

Possible Mitigations

Использование рекомендаций: Для Sudo: https://www.sudo.ws/devel.html#1.8.30b2 https://www.sudo.ws/stable.html Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2019-19232/ Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2019-19232 Для ОС Astra Linux Special Edition 1.7: использование рекомендаций производителя: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0426SE17 Для Astra Linux Special Edition 4.7 для архитектуры ARM: https://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0727SE47 Для Astra Linux Special Edition 1.6 «Смоленск»:: обновить пакет sudo до 1.8.19p1-2.1+deb9u3+ci202402160009+astra3 или более высокой версии, используя рекомендации производителя: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16

Reference

https://cxsecurity.com/cveshow/CVE-2019-19232/ https://nvd.nist.gov/vuln/detail/CVE-2019-19232 https://access.redhat.com/security/cve/cve-2019-19232 https://www.suse.com/security/cve/CVE-2019-19232/ https://www.sudo.ws/devel.html#1.8.30b2 https://www.sudo.ws/stable.htm https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0426SE17 https://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0727SE47 https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16

CWE

CWE-284

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:N/I:C/A:N",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb, Novell Inc., Todd C. Miller",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "5 (Red Hat Enterprise Linux), 6 (Red Hat Enterprise Linux), 7 (Red Hat Enterprise Linux), 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb (Astra Linux Special Edition), High Performance Computing 12 (SUSE Linux Enterprise), Server for SAP Applications 12 SP4 (SUSE Linux Enterprise), 8 (Red Hat Enterprise Linux), Server for SAP Applications 12 SP5 (SUSE Linux Enterprise), 3.0 (SUSE CaaS Platform), Module for Basesystem 15 SP1 (SUSE Linux Enterprise), SDK 12 SP4 (SUSE Linux Enterprise), SDK 12 SP5 (SUSE Linux Enterprise), \u0434\u043e 1.8.29 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Sudo), 1.7 (Astra Linux Special Edition), 4.7 (Astra Linux Special Edition)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Sudo:\nhttps://www.sudo.ws/devel.html#1.8.30b2\nhttps://www.sudo.ws/stable.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2019-19232/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2019-19232\n\n\u0414\u043b\u044f \u041e\u0421 Astra Linux Special Edition 1.7:\n\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0426SE17\n\n\u0414\u043b\u044f Astra Linux Special Edition 4.7 \u0434\u043b\u044f \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b ARM:\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0727SE47\n\n\u0414\u043b\u044f Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb::\n\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u043a\u0435\u0442 sudo \u0434\u043e 1.8.19p1-2.1+deb9u3+ci202402160009+astra3 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f: https://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "19.12.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "07.11.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "04.03.2020",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2020-00857",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-19232",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat Enterprise Linux, Astra Linux Special Edition (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), SUSE Linux Enterprise, SUSE CaaS Platform, Sudo",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Red Hat Inc. Red Hat Enterprise Linux 5 , Red Hat Inc. Red Hat Enterprise Linux 6 , Red Hat Inc. Red Hat Enterprise Linux 7 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.6 \u00ab\u0421\u043c\u043e\u043b\u0435\u043d\u0441\u043a\u00bb  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), Novell Inc. SUSE Linux Enterprise High Performance Computing 12 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP4 , Red Hat Inc. Red Hat Enterprise Linux 8 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 12 SP5 , Novell Inc. SUSE CaaS Platform 3.0 , Novell Inc. SUSE Linux Enterprise Module for Basesystem 15 SP1 , Novell Inc. SUSE Linux Enterprise SDK 12 SP4 , Novell Inc. SUSE Linux Enterprise SDK 12 SP5 , \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 1.7  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369), \u041e\u041e\u041e \u00ab\u0420\u0443\u0441\u0411\u0418\u0422\u0435\u0445-\u0410\u0441\u0442\u0440\u0430\u00bb Astra Linux Special Edition 4.7 ARM (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u2116369)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 sudoer \u0432 \u0444\u0430\u0439\u043b\u0435 Runas ALL \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Sudo, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0434\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u0437\u0430 \u043d\u0435\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (CWE-284)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 sudoer \u0432 \u0444\u0430\u0439\u043b\u0435 Runas ALL \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Sudo \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0434\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u0437\u0430 \u043d\u0435\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://cxsecurity.com/cveshow/CVE-2019-19232/\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-19232\nhttps://access.redhat.com/security/cve/cve-2019-19232\nhttps://www.suse.com/security/cve/CVE-2019-19232/\nhttps://www.sudo.ws/devel.html#1.8.30b2\nhttps://www.sudo.ws/stable.htm\nhttps://wiki.astralinux.ru/astra-linux-se17-bulletin-2023-0426SE17\n\nhttps://wiki.astralinux.ru/astra-linux-se47-bulletin-2023-0727SE47\nhttps://wiki.astralinux.ru/astra-linux-se16-bulletin-20241017SE16",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-284",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,8)\n\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 7,5)"
}

CVE-2019-19232 (GCVE-0-2019-19232)

Vulnerability from cvelistv5 – Published: 2019-12-19 20:37 – Updated: 2024-08-05 02:09 Disputed

Summary

In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://www.sudo.ws/stable.html	x_refsource_MISC
	https://www.sudo.ws/devel.html#1.8.30b2	x_refsource_CONFIRM
	https://security.netapp.com/advisory/ntap-2020010…	x_refsource_CONFIRM
	https://quickview.cloudapps.cisco.com/quickview/b…	x_refsource_MISC
	https://quickview.cloudapps.cisco.com/quickview/b…	x_refsource_MISC
	https://www.bsi.bund.de/SharedDocs/Warnmeldungen/…	x_refsource_MISC
	https://support2.windriver.com/index.php?page=def…	x_refsource_MISC
	https://quickview.cloudapps.cisco.com/quickview/b…	x_refsource_MISC
	https://support2.windriver.com/index.php?page=cve…	x_refsource_CONFIRM
	https://access.redhat.com/security/cve/cve-2019-19232	x_refsource_CONFIRM
	https://quickview.cloudapps.cisco.com/quickview/b…	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://support.apple.com/kb/HT211100	x_refsource_CONFIRM
	http://seclists.org/fulldisclosure/2020/Mar/31	mailing-listx_refsource_FULLDISC
	https://support.apple.com/en-gb/HT211100	x_refsource_CONFIRM
	https://www.tenable.com/plugins/nessus/133936	x_refsource_MISC
	https://www.oracle.com/security-alerts/bulletinap…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T02:09:39.576Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.sudo.ws/stable.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.sudo.ws/devel.html#1.8.30b2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/cve-2019-19232"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870"
          },
          {
            "name": "FEDORA-2020-8b563bc5f4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
          },
          {
            "name": "FEDORA-2020-7c1b270959",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT211100"
          },
          {
            "name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2020/Mar/31"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.apple.com/en-gb/HT211100"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.tenable.com/plugins/nessus/133936"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-04-23T13:02:22.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.sudo.ws/stable.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.sudo.ws/devel.html#1.8.30b2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/security/cve/cve-2019-19232"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870"
        },
        {
          "name": "FEDORA-2020-8b563bc5f4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
        },
        {
          "name": "FEDORA-2020-7c1b270959",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/kb/HT211100"
        },
        {
          "name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2020/Mar/31"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.apple.com/en-gb/HT211100"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.tenable.com/plugins/nessus/133936"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
        }
      ],
      "tags": [
        "disputed"
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-19232",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.sudo.ws/stable.html",
              "refsource": "MISC",
              "url": "https://www.sudo.ws/stable.html"
            },
            {
              "name": "https://www.sudo.ws/devel.html#1.8.30b2",
              "refsource": "CONFIRM",
              "url": "https://www.sudo.ws/devel.html#1.8.30b2"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20200103-0004/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20200103-0004/"
            },
            {
              "name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812",
              "refsource": "MISC",
              "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58812"
            },
            {
              "name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979",
              "refsource": "MISC",
              "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58979"
            },
            {
              "name": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html",
              "refsource": "MISC",
              "url": "https://www.bsi.bund.de/SharedDocs/Warnmeldungen/DE/CB/2019/12/warnmeldung_cb-k20-0001.html"
            },
            {
              "name": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506",
              "refsource": "MISC",
              "url": "https://support2.windriver.com/index.php?page=defects\u0026on=view\u0026id=LIN1018-5506"
            },
            {
              "name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103",
              "refsource": "MISC",
              "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs58103"
            },
            {
              "name": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232",
              "refsource": "CONFIRM",
              "url": "https://support2.windriver.com/index.php?page=cve\u0026on=view\u0026id=CVE-2019-19232"
            },
            {
              "name": "https://access.redhat.com/security/cve/cve-2019-19232",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/security/cve/cve-2019-19232"
            },
            {
              "name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870",
              "refsource": "MISC",
              "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs76870"
            },
            {
              "name": "FEDORA-2020-8b563bc5f4",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IY6DZ7WMDKU4ZDML6MJLDAPG42B5WVUC/"
            },
            {
              "name": "FEDORA-2020-7c1b270959",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6TKF36KOQUVJNBHSVJFA7BU3CCEYD2F/"
            },
            {
              "name": "https://support.apple.com/kb/HT211100",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/kb/HT211100"
            },
            {
              "name": "20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2020/Mar/31"
            },
            {
              "name": "https://support.apple.com/en-gb/HT211100",
              "refsource": "CONFIRM",
              "url": "https://support.apple.com/en-gb/HT211100"
            },
            {
              "name": "https://www.tenable.com/plugins/nessus/133936",
              "refsource": "MISC",
              "url": "https://www.tenable.com/plugins/nessus/133936"
            },
            {
              "name": "https://www.oracle.com/security-alerts/bulletinapr2020.html",
              "refsource": "CONFIRM",
              "url": "https://www.oracle.com/security-alerts/bulletinapr2020.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-19232",
    "datePublished": "2019-12-19T20:37:09.000Z",
    "dateReserved": "2019-11-22T00:00:00.000Z",
    "dateUpdated": "2024-08-05T02:09:39.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2020-00857

CVE-2019-19232 (GCVE-0-2019-19232)

Tags

Sightings

Nomenclature