2019-07-26 13:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org" ,
"ID" : "CVE-2019-13057" ,
"STATE" : "PUBLIC"
2019-07-26 13:00:49 +00:00
} ,
2020-04-16 19:02:24 +00:00
"affects" : {
"vendor" : {
"vendor_data" : [
2019-07-26 13:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"product" : {
"product_data" : [
2019-07-26 13:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"product_name" : "n/a" ,
"version" : {
"version_data" : [
2019-07-26 13:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"version_value" : "n/a"
2019-07-26 13:00:49 +00:00
}
]
}
}
]
} ,
2020-04-16 19:02:24 +00:00
"vendor_name" : "n/a"
2019-07-26 13:00:49 +00:00
}
]
}
} ,
2020-04-16 19:02:24 +00:00
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
2019-07-26 13:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"lang" : "eng" ,
"value" : "An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.)"
2019-07-26 13:00:49 +00:00
}
]
} ,
2020-04-16 19:02:24 +00:00
"problemtype" : {
"problemtype_data" : [
2019-07-26 13:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"description" : [
2019-07-26 13:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"lang" : "eng" ,
"value" : "n/a"
2019-07-26 13:00:49 +00:00
}
]
}
]
} ,
2020-04-16 19:02:24 +00:00
"references" : {
"reference_data" : [
2019-07-30 21:00:49 +00:00
{
2020-04-16 19:02:24 +00:00
"refsource" : "UBUNTU" ,
"name" : "USN-4078-1" ,
"url" : "https://usn.ubuntu.com/4078-1/"
2019-08-19 01:00:49 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "MLIST" ,
"name" : "[debian-lts-announce] 20190818 [SECURITY] [DLA 1891-1] openldap security update" ,
"url" : "https://lists.debian.org/debian-lts-announce/2019/08/msg00024.html"
2019-08-19 16:00:52 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "UBUNTU" ,
"name" : "USN-4078-2" ,
"url" : "https://usn.ubuntu.com/4078-2/"
2019-08-22 07:00:49 +00:00
} ,
2019-09-24 00:00:56 +00:00
{
2020-04-16 19:02:24 +00:00
"refsource" : "SUSE" ,
"name" : "openSUSE-SU-2019:2157" ,
"url" : "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html"
2019-09-24 15:00:59 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "SUSE" ,
"name" : "openSUSE-SU-2019:2176" ,
"url" : "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html"
2019-12-10 20:02:45 +00:00
} ,
2019-12-11 11:01:04 +00:00
{
2020-04-16 19:02:24 +00:00
"refsource" : "BUGTRAQ" ,
"name" : "20191211 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra" ,
"url" : "https://seclists.org/bugtraq/2019/Dec/23"
2019-12-13 21:01:00 +00:00
} ,
{
2020-04-16 19:02:24 +00:00
"refsource" : "FULLDISC" ,
"name" : "20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra" ,
"url" : "http://seclists.org/fulldisclosure/2019/Dec/26"
2020-04-14 14:04:09 -07:00
} ,
{
2020-04-16 19:02:24 +00:00
"url" : "https://www.oracle.com/security-alerts/cpuapr2020.html" ,
"refsource" : "MISC" ,
"name" : "https://www.oracle.com/security-alerts/cpuapr2020.html"
2021-07-31 08:00:53 +00:00
} ,
2022-04-20 00:01:41 +00:00
{
"refsource" : "CONFIRM" ,
"name" : "https://support.apple.com/kb/HT210788" ,
"url" : "https://support.apple.com/kb/HT210788"
} ,
{
"url" : "https://www.oracle.com/security-alerts/cpuapr2022.html" ,
"refsource" : "MISC" ,
"name" : "https://www.oracle.com/security-alerts/cpuapr2022.html"
} ,
2021-07-31 08:00:53 +00:00
{
"refsource" : "CONFIRM" ,
"name" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10365" ,
"url" : "https://kc.mcafee.com/corporate/index?page=content&id=SB10365"
2022-04-19 16:10:05 -07:00
} ,
{
2022-04-20 00:01:41 +00:00
"url" : "https://www.openldap.org/its/?findid=9038" ,
"refsource" : "MISC" ,
"name" : "https://www.openldap.org/its/?findid=9038"
} ,
{
"refsource" : "CONFIRM" ,
"name" : "https://www.openldap.org/lists/openldap-announce/201907/msg00001.html" ,
"url" : "https://www.openldap.org/lists/openldap-announce/201907/msg00001.html"
} ,
{
"refsource" : "CONFIRM" ,
"name" : "https://security.netapp.com/advisory/ntap-20190822-0004/" ,
"url" : "https://security.netapp.com/advisory/ntap-20190822-0004/"
2019-07-26 13:00:49 +00:00
}
]
}
}
