GSD-2019-13421

Vulnerability from gsd - Updated: 2023-12-13 01:23
Details
Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database.
Aliases
Aliases
CVE-2019-13421
To clipboard 

{
  "GSD": {
    "alias": "CVE-2019-13421",
    "description": "Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database.",
    "id": "GSD-2019-13421"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-13421"
      ],
      "details": "Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database.",
      "id": "GSD-2019-13421",
      "modified": "2023-12-13T01:23:41.333378Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@search-guard.com",
        "ID": "CVE-2019-13421",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Search Guard",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_value": "23.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "floragunn"
            }
          ]
        }
      },
      "credit": [
        {
          "lang": "eng",
          "value": "This security vulnerability was found by Torsten Lutz and Oliver Streicher of SySS\nGmbH.\n\nE-Mail: torsten.lutz (at) syss.de\nPublic Key: https://www.syss.de/fileadmin/dokumente/PGPKeys/Torsten_Lutz.asc\nKey Fingerprint: DAB2 86A6 C099 1350 9FCB FB9B 94E8 DC24 BAEC ACC8\n\nE-Mail: oliver.streicher (at) syss.de\nPublic Key: https://www.syss.de/fileadmin/dokumente/PGPKeys/Oliver_Streicher.asc\nKey Fingerprint: 1973 E30F 7966 F45E CCAB 1BF1 3F08 A35E DCB8 35D6"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-522: Insufficiently Protected Credentials"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://search-guard.com/cve-advisory/",
            "refsource": "MISC",
            "url": "https://search-guard.com/cve-advisory/"
          },
          {
            "name": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1",
            "refsource": "CONFIRM",
            "url": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1"
          },
          {
            "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SySS-2018-025.txt",
            "refsource": "MISC",
            "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SySS-2018-025.txt"
          }
        ]
      },
      "source": {
        "advisory": "",
        "defect": [],
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:search-guard:search_guard:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "23.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@search-guard.com",
          "ID": "CVE-2019-13421"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Search Guard versions before 23.1 had an issue that an administrative user is able to retrieve bcrypt password hashes of other users configured in the internal user database."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://search-guard.com/cve-advisory/",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://search-guard.com/cve-advisory/"
            },
            {
              "name": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1",
              "refsource": "CONFIRM",
              "tags": [
                "Release Notes"
              ],
              "url": "https://docs.search-guard.com/6.x-23/changelog-searchguard-6-x-23_1"
            },
            {
              "name": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SySS-2018-025.txt",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SySS-2018-025.txt"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 1.2,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-09T23:46Z",
      "publishedDate": "2019-08-23T14:15Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.