admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-101xx/CVE-2019-10197.json

302 lines
9.8 KiB
JSON
Raw Normal View History

bootstrap
2023-04-24 12:24:31 +02:00
{
"id": "CVE-2019-10197",
"sourceIdentifier": "secalert@redhat.com",
"published": "2019-09-03T15:15:11.223",
"lastModified": "2020-08-18T15:05:49.313",
"vulnStatus": "Modified",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share."
},
{
"lang": "es",
"value": "Se ha encontrado un error en Samba en las versiones 4.9.x hasta 4.9.13, samba versiones 4.10.x hasta 4.10.8 y samba versiones 4.11.x hasta 4.11.0rc3, cuando ciertos par\u00e1metros se establecieron en el archivo de configuraci\u00f3n de samba. Un atacante no autenticado podr\u00eda usar este defecto para escapar del directorio compartido y acceder al contenido de los directorios fuera del recurso compartido."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 6.4
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
},
{
"source": "secalert@redhat.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-22"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.9.0",
"versionEndIncluding": "4.9.13",
"matchCriteriaId": "65C21A32-9985-426A-A16F-30B0F58BA953"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:*:*:*:*:*:*:*:*",
"versionStartIncluding": "4.10.0",
"versionEndIncluding": "4.10.8",
"matchCriteriaId": "7FCB3F24-4220-42C4-9896-03AE9C5D6175"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.9.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "8A746181-E573-4080-A96B-B5C47A00DD96"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.9.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "280C0C80-3E4E-4E2A-BEB3-2E17D1B1E675"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.9.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "A0D28AE7-4CCD-41DB-9863-FF2990D316F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.9.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "F37B907F-6E7A-4FA4-828C-327AA838AB02"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.9.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "C8665763-B246-40DB-92A3-57CFCD4E70F5"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.10.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "31966B4C-81C4-4C65-B127-A918EA50863E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.10.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "BB58CF2F-D1E1-4459-AEC8-A8C3F53D9028"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.10.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "846B3FA6-9799-412D-B36E-DE56F889CC7F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.10.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "854212A7-CFCE-4C1D-9C9B-8C98C69604B4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "36AAA8FC-627F-4928-853C-1B785D1E33C0"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.11.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "D75D1E2C-C220-41E1-903E-5908D8F53373"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.11.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "ACC5280F-160C-4835-A9FB-3D5F625BB073"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:samba:samba:4.11.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "05A7E021-6CAA-4581-A274-996E0A69967C"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
"matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
}
]
}
]
}
],
"references": [
{
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00045.html",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:3253",
"source": "secalert@redhat.com"
},
{
"url": "https://access.redhat.com/errata/RHSA-2019:4023",
"source": "secalert@redhat.com"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10197",
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Mitigation",
"Third Party Advisory"
]
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56ZUXHGDHPM7S6RVAKULZT5EATS37OKA/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7NYIUZOCIDXWXGWMZ7O5Z7OJ6IX7EAB/",
"source": "secalert@redhat.com"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z6EEKFT24DQI4DMZMSQTLMNZWG4RMZ57/",
"source": "secalert@redhat.com"
},
{
"url": "https://seclists.org/bugtraq/2019/Sep/4",
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/202003-52",
"source": "secalert@redhat.com"
},
{
"url": "https://security.netapp.com/advisory/ntap-20190903-0001/",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://support.f5.com/csp/article/K69511801",
"source": "secalert@redhat.com"
},
{
"url": "https://support.f5.com/csp/article/K69511801?utm_source=f5support&utm_medium=RSS",
"source": "secalert@redhat.com"
},
{
"url": "https://usn.ubuntu.com/4121-1/",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.debian.org/security/2019/dsa-4513",
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://www.samba.org/samba/security/CVE-2019-10197.html",
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue Copy Permalink