CVE-2019-3693

Published Jan 24, 2020

Last updated 3 years ago

CVSS high 7.8

Overview

Description: A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. This issue affects: SUSE Linux Enterprise Server 11 mailman versions prior to 2.1.15-9.6.15.1. SUSE Linux Enterprise Server 12 mailman versions prior to 2.1.17-3.11.1. openSUSE Leap 15.1 mailman version 2.1.29-lp151.2.14 and prior versions.
Source: meissner@suse.de
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.2
Impact score: 10
Exploitability score: 3.9
Vector string: AV:L/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

meissner@suse.de: CWE-59
nvd@nist.gov: CWE-59

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:suse:mailman:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4378052-91CF-47E4-8600-F3FAF2A6A2C0",
            "versionEndExcluding": "2.1.15-9.6.15.1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F13F07CC-739B-465C-9184-0E9D708BD4C7"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:suse:mailman:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C31B658-2EE8-4DCF-9D52-5BD03110B7A5",
            "versionEndExcluding": "2.1.17-3.11.1"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:suse:mailman:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39D76848-1031-46B9-B1EF-7BC3EB3B6597",
            "versionEndIncluding": "2.1.29-lp151.2.14"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40513095-7E6E-46B3-B604-C926F1BA3568"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References