2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2019-14823" ,
"sourceIdentifier" : "secalert@redhat.com" ,
"published" : "2019-10-14T20:15:10.540" ,
2024-11-23 11:10:51 +00:00
"lastModified" : "2024-11-21T04:27:26.320" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "A flaw was found in the \"Leaf and Chain\" OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root certificate of a certificate chain. Applications using this policy may not properly verify the chain and could be vulnerable to attacks such as Man in the Middle."
} ,
{
"lang" : "es" ,
"value" : "Se detect\u00f3 un fallo en la implementaci\u00f3n de la pol\u00edtica OCSP \"Leaf and Chain\" en las versiones de CryptoManager de JSS versiones posteriores a 4.4.6, 4.5.3, 4.6.0, donde confiaba impl\u00edcitamente en el certificado ra\u00edz de una cadena de certificados. Es posible que las aplicaciones que utilizan esta pol\u00edtica no verifiquen correctamente la cadena y puedan ser vulnerables a ataques de tipo Man in the Middle."
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" ,
2024-11-23 11:10:51 +00:00
"baseScore" : 7.4 ,
"baseSeverity" : "HIGH" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "HIGH" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-11-23 11:10:51 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 2.2 ,
"impactScore" : 5.2
}
] ,
"cvssMetricV30" : [
{
"source" : "secalert@redhat.com" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.0" ,
"vectorString" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" ,
2024-11-23 11:10:51 +00:00
"baseScore" : 6.8 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "HIGH" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "REQUIRED" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-11-23 11:10:51 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 1.6 ,
"impactScore" : 5.2
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:M/Au:N/C:P/I:P/A:N" ,
2024-11-23 11:10:51 +00:00
"baseScore" : 5.8 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "MEDIUM" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "PARTIAL" ,
"integrityImpact" : "PARTIAL" ,
2024-11-23 11:10:51 +00:00
"availabilityImpact" : "NONE"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 8.6 ,
"impactScore" : 4.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "secalert@redhat.com" ,
2024-12-15 03:03:56 +00:00
"type" : "Primary" ,
2023-04-24 12:24:31 +02:00
"description" : [
{
"lang" : "en" ,
"value" : "CWE-358"
}
]
} ,
{
"source" : "nvd@nist.gov" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-295"
}
]
}
] ,
"configurations" : [
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:jss_cryptomanager_project:jss_cryptomanager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.4.6" ,
"versionEndIncluding" : "4.4.7" ,
"matchCriteriaId" : "9999841C-2F59-4CD8-B548-47922047BC7A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:jss_cryptomanager_project:jss_cryptomanager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.5.3" ,
"versionEndIncluding" : "4.5.4" ,
"matchCriteriaId" : "8C8C59A5-DAEE-446C-8B76-8FEB23D21B23"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:jss_cryptomanager_project:jss_cryptomanager:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "4.6.0" ,
"versionEndIncluding" : "4.6.2" ,
"matchCriteriaId" : "ED92967F-FA85-4BB9-B0A8-84D2A05C8B69"
}
]
2024-11-23 11:10:51 +00:00
} ,
2023-04-24 12:24:31 +02:00
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
2024-11-23 11:10:51 +00:00
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
2023-04-24 12:24:31 +02:00
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6D5A165C-3721-4A87-839F-BD4F6778DA77"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9A1F55A9-FAAF-4751-BA6A-93CDB31B11C6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9045284A-C762-4913-B5AF-8499235F969C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "905EC4D0-7604-476A-8176-9FFCEB1DC6B1"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "564DCCFD-77BF-4FB1-A0A0-96104B154282"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "467A831E-C63B-476F-A71F-8FB52556BC45"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "84FF61DF-D634-4FB5-8DF1-01F631BE1A7A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "243980B8-4044-4776-B521-F9D709E68CCB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "39A7795D-CFD3-4643-A7A1-7AD7629B5511"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:6.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "28DF9D01-ADD0-4E70-8991-0EA3EAC272A0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "266EA1B3-526F-4D12-873E-08CE3861AEA6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2E4DC974-235F-4655-966F-2490A4C4E490"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B99A2411-7F6A-457F-A7BF-EB13C630F902"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "041F9200-4C01-4187-AE34-240E8277B54D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4EB48767-F095-444F-9E05-D9AC345AB803"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5F6FA12B-504C-4DBF-A32E-0548557AA2ED"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:7.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5B1633BB-7D54-4564-BC1C-3B80BA6FF215"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F4CFF558-3C47-480D-A2F0-BABF26042943"
}
]
2024-11-23 11:10:51 +00:00
} ,
2023-04-24 12:24:31 +02:00
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
2024-11-23 11:10:51 +00:00
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
2023-04-24 12:24:31 +02:00
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:x64:*" ,
"matchCriteriaId" : "AE8DED75-8C97-476F-805B-7A2F17B6BC11"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "83737173-E12E-4641-BC49-0BD84A6B29D0"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "51EF4996-72F4-4FA4-814F-F5991E7A8318"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7431ABC1-9252-419E-8CC1-311B41360078"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "17F256A9-D3B9-4C72-B013-4EFD878BFEA8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:x64:*" ,
"matchCriteriaId" : "B061040C-AB62-4ED6-8F4A-A49DA6753C4B"
}
]
2024-11-23 11:10:51 +00:00
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"
}
]
2023-04-24 12:24:31 +02:00
}
]
}
] ,
"references" : [
{
"url" : "https://access.redhat.com/errata/RHSA-2019:3067" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Exploit" ,
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://access.redhat.com/errata/RHSA-2019:3225" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14823" ,
"source" : "secalert@redhat.com" ,
"tags" : [
"Issue Tracking" ,
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ENEN4DQBE6WOGEP5BQ5X62WZM7ZQEEBG/" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O53NXVKMF7PJCPMCJQHLMSYCUGDHGBVE/" ,
"source" : "secalert@redhat.com"
} ,
{
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZZWZLNALV6AOIBIHB3ZMNA5AGZMZAIY/" ,
"source" : "secalert@redhat.com"
2024-11-23 11:10:51 +00:00
} ,
{
"url" : "https://access.redhat.com/errata/RHSA-2019:3067" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Exploit" ,
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://access.redhat.com/errata/RHSA-2019:3225" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14823" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Issue Tracking" ,
"Patch" ,
"Third Party Advisory"
]
} ,
{
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ENEN4DQBE6WOGEP5BQ5X62WZM7ZQEEBG/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O53NXVKMF7PJCPMCJQHLMSYCUGDHGBVE/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZZWZLNALV6AOIBIHB3ZMNA5AGZMZAIY/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2023-04-24 12:24:31 +02:00
}
]
}
