cvelist/2023/6xxx/CVE-2023-6395.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2023-6395",
        "ASSIGNER": "secalert@redhat.com",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "There is a flaw in the Mock software where an attacker may achieve privilege escalation and execute arbitrary code as the root user. This is due to the lack of sandboxing when expanding and executing Jinja2 templates that may be included in some configuration parameters.\r\nMock documentation recommends that users added to the mock group on a system be treated as privileged users. However, some build systems that invoke mock on behalf of users may unintentionally allow less privileged users to define configuration tags that will be passed to mock as parameters when run. Configuration tags that allow Jinja2 templates could be used to achieve remote privilege escalation and run arbitrary code as root on the build server."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Improper Input Validation",
                        "cweId": "CWE-20"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "n/a",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "mock",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "defaultStatus": "affected"
                                            }
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                },
                {
                    "vendor_name": "Red Hat",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Red Hat Enterprise Linux 6",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "defaultStatus": "unaffected"
                                            }
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                },
                {
                    "vendor_name": "Fedora",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Extra Packages for Enterprise Linux",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "defaultStatus": "affected"
                                            }
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "Fedora",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "not down converted",
                                            "x_cve_json_5_version_data": {
                                                "defaultStatus": "affected"
                                            }
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://access.redhat.com/security/cve/CVE-2023-6395",
                "refsource": "MISC",
                "name": "https://access.redhat.com/security/cve/CVE-2023-6395"
            },
            {
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252206",
                "refsource": "MISC",
                "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2252206"
            }
        ]
    },
    "credits": [
        {
            "lang": "en",
            "value": "Red Hat would like to thank Sankin Nikita Alexeevich for reporting this issue."
        }
    ],
    "impact": {
        "cvss": [
            {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "availabilityImpact": "HIGH",
                "baseScore": 6.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
            }
        ]
    }
}
"-Synchronized-Data." 2023-11-30 06:00:32 +00:00			`{`
"-Synchronized-Data." 2024-01-16 15:00:38 +00:00			`"data_version": "4.0",`
"-Synchronized-Data." 2023-11-30 06:00:32 +00:00			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"CVE_data_meta": {`
			`"ID": "CVE-2023-6395",`
"-Synchronized-Data." 2024-01-16 15:00:38 +00:00			`"ASSIGNER": "secalert@redhat.com",`
			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2023-11-30 06:00:32 +00:00			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2024-01-16 15:00:38 +00:00			"value": "There is a flaw in the Mock software where an attacker may achieve privilege escalation and execute arbitrary code as the root user. This is due to the lack of sandboxing when expanding and executing Jinja2 templates that may be included in some configuration parameters.\r\nMock documentation recommends that users added to the mock group on a system be treated as privileged users. However, some build systems that invoke mock on behalf of users may unintentionally allow less privileged users to define configuration tags that will be passed to mock as parameters when run. Configuration tags that allow Jinja2 templates could be used to achieve remote privilege escalation and run arbitrary code as root on the build server."
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Improper Input Validation",`
			`"cweId": "CWE-20"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "n/a",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "mock",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "not down converted",`
			`"x_cve_json_5_version_data": {`
			`"defaultStatus": "affected"`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`{`
			`"vendor_name": "Red Hat",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Red Hat Enterprise Linux 6",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "not down converted",`
			`"x_cve_json_5_version_data": {`
			`"defaultStatus": "unaffected"`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`{`
			`"vendor_name": "Fedora",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Extra Packages for Enterprise Linux",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "not down converted",`
			`"x_cve_json_5_version_data": {`
			`"defaultStatus": "affected"`
			`}`
			`}`
			`]`
			`}`
			`},`
			`{`
			`"product_name": "Fedora",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "not down converted",`
			`"x_cve_json_5_version_data": {`
			`"defaultStatus": "affected"`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://access.redhat.com/security/cve/CVE-2023-6395",`
			`"refsource": "MISC",`
			`"name": "https://access.redhat.com/security/cve/CVE-2023-6395"`
			`},`
			`{`
			`"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2252206",`
			`"refsource": "MISC",`
			`"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2252206"`
			`}`
			`]`
			`},`
			`"credits": [`
			`{`
			`"lang": "en",`
			`"value": "Red Hat would like to thank Sankin Nikita Alexeevich for reporting this issue."`
			`}`
			`],`
			`"impact": {`
			`"cvss": [`
			`{`
			`"attackComplexity": "LOW",`
			`"attackVector": "LOCAL",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 6.7,`
			`"baseSeverity": "MEDIUM",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"privilegesRequired": "HIGH",`
			`"scope": "UNCHANGED",`
			`"userInteraction": "NONE",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",`
			`"version": "3.1"`
"-Synchronized-Data." 2023-11-30 06:00:32 +00:00			`}`
			`]`
			`}`
			`}`