CVE-2019-18900 - OpenCVE

: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1. SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1. SUSE Linux Enterprise Server 15 17.19.0-3.34.1.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Suse	Suse Linux Enterprise Server Caas Platform
Opensuse	Libzypp

Configuration 1 [-]

AND

cpe:2.3:a:opensuse:libzypp:*:*:*:*:*:*:*:*

cpe:2.3:o:suse:caas_platform:3.0:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:a:opensuse:libzypp:*:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:a:opensuse:libzypp:*:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux_enterprise_server:15:*:*:*:*:*:*:*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00036.html
https://bugzilla.suse.com/show_bug.cgi?id=1158763	Issue Tracking Vendor Advisory
https://lists.debian.org/debian-lts-announce/2020/03/msg00005.html

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: suse

Published: 2020-01-24T00:00:00

Updated: 2020-03-04T04:05:59

Reserved: 2019-11-12T00:00:00

Link: CVE-2019-18900

JSON object: View

NVD Information

Status : Modified

Published: 2020-01-24T16:15:10.943

Modified: 2020-02-27T23:15:11.967

Link: CVE-2019-18900

JSON object: View

Redhat Information

No data.

CWE

CWE-276

{"containers": {"cna": {"affected": [{"product": "CaaS Platform 3.0", "vendor": "SUSE", "versions": [{"lessThan": "16.21.2-27.68.1", "status": "affected", "version": "libzypp", "versionType": "custom"}]}, {"product": "SUSE Linux Enterprise Server 12", "vendor": "SUSE", "versions": [{"lessThan": "16.21.2-2.45.1", "status": "affected", "version": "libzypp", "versionType": "custom"}]}, {"product": "SUSE Linux Enterprise Server 15", "vendor": "SUSE", "versions": [{"status": "affected", "version": "libzypp 17.19.0-3.34.1"}]}], "credits": [{"lang": "en", "value": "Matthias Gerstner of SUSE"}], "datePublic": "2020-01-24T00:00:00", "descriptions": [{"lang": "en", "value": ": Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1. SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1. SUSE Linux Enterprise Server 15 17.19.0-3.34.1."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-276", "description": "CWE-276: Incorrect Default Permissions", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-03-04T04:05:59", "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1158763"}, {"name": "openSUSE-SU-2020:0255", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00036.html"}, {"name": "[debian-lts-announce] 20200304 [SECURITY] [DLA 2132-1] libzypp security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00005.html"}], "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1158763", "defect": ["1158763"], "discovery": "INTERNAL"}, "title": "libzypp stores cookies world readable", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2020-01-24T00:00:00.000Z", "ID": "CVE-2019-18900", "STATE": "PUBLIC", "TITLE": "libzypp stores cookies world readable"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "CaaS Platform 3.0", "version": {"version_data": [{"version_affected": "<", "version_name": "libzypp", "version_value": "16.21.2-27.68.1"}]}}, {"product_name": "SUSE Linux Enterprise Server 12", "version": {"version_data": [{"version_affected": "<", "version_name": "libzypp", "version_value": "16.21.2-2.45.1"}]}}, {"product_name": "SUSE Linux Enterprise Server 15", "version": {"version_data": [{"version_name": "libzypp", "version_value": "17.19.0-3.34.1"}]}}]}, "vendor_name": "SUSE"}]}}, "credit": [{"lang": "eng", "value": "Matthias Gerstner of SUSE"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": ": Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1. SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1. SUSE Linux Enterprise Server 15 17.19.0-3.34.1."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-276: Incorrect Default Permissions"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.suse.com/show_bug.cgi?id=1158763", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1158763"}, {"name": "openSUSE-SU-2020:0255", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00036.html"}, {"name": "[debian-lts-announce] 20200304 [SECURITY] [DLA 2132-1] libzypp security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00005.html"}]}, "source": {"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1158763", "defect": ["1158763"], "discovery": "INTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "assignerShortName": "suse", "cveId": "CVE-2019-18900", "datePublished": "2020-01-24T00:00:00", "dateReserved": "2019-11-12T00:00:00", "dateUpdated": "2020-03-04T04:05:59", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:libzypp:*:*:*:*:*:*:*:*", "matchCriteriaId": "805EF031-0F25-472E-AE1A-008755BD5727", "versionEndExcluding": "16.21.2-27.68.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:suse:caas_platform:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "D5ABF09D-B887-4041-9168-5057B668F602", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:libzypp:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7A5700D-0E1B-432F-B50D-59C4AB297BDE", "versionEndExcluding": "16.21.2-2.45.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*", "matchCriteriaId": "9C649194-B8C2-49F7-A819-C635EE584ABF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:opensuse:libzypp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E29CF9A9-8160-4DAA-9B87-D82385C11B23", "versionEndExcluding": "17.19.0-3.34.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:suse:suse_linux_enterprise_server:15:*:*:*:*:*:*:*", "matchCriteriaId": "AF73A3D9-6566-4CBF-AA5F-5A4B99719A1D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": ": Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1. SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1. SUSE Linux Enterprise Server 15 17.19.0-3.34.1."}, {"lang": "es", "value": "Una vulnerabilidad de Permisos Predeterminados Incorrectos en libzypp de SUSE CaaS Platform versi\u00f3n 3.0, SUSE Linux Enterprise Server versi\u00f3n12, SUSE Linux Enterprise Server versi\u00f3n 15, permiti\u00f3 a atacantes locales leer un almac\u00e9n de cookies utilizado por libzypp, exponiendo cookies privadas. Este problema afecta a: libzypp versiones anteriores a 16.21.2-27.68.1 de SUSE CaaS Platform versi\u00f3n 3.0. libzypp versiones anteriores a 16.21.2-2.45.1 de SUSE Linux Enterprise Server versi\u00f3n 12. versi\u00f3n 17.19.0-3.34.1 de SUSE Linux Enterprise Server versi\u00f3n 15."}], "id": "CVE-2019-18900", "lastModified": "2020-02-27T23:15:11.967", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "meissner@suse.de", "type": "Secondary"}]}, "published": "2020-01-24T16:15:10.943", "references": [{"source": "meissner@suse.de", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00036.html"}, {"source": "meissner@suse.de", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1158763"}, {"source": "meissner@suse.de", "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00005.html"}], "sourceIdentifier": "meissner@suse.de", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-276"}], "source": "meissner@suse.de", "type": "Secondary"}]}