CVE-2019-4732 - OpenCVE

IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618.

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows
Ibm	Websphere Application Server Sdk

Configuration 1 [-]

AND

OR	cpe:2.3:a:ibm:sdk:::::java_technology:::*
	cpe:2.3:a:ibm:sdk:::::java_technology:::*
	cpe:2.3:a:ibm:sdk:::::java_technology:::*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:a:ibm:websphere_application_server:7.0:::::::*
	cpe:2.3:a:ibm:websphere_application_server:8.0:::::::*
	cpe:2.3:a:ibm:websphere_application_server:8.5:::::::*
	cpe:2.3:a:ibm:websphere_application_server:9.0:::::::*

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/172618	VDB Entry Vendor Advisory
https://www.ibm.com/support/pages/node/1288060	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: ibm

Published: 2020-01-31T00:00:00

Updated: 2020-02-03T16:45:18

Reserved: 2019-01-03T00:00:00

Link: CVE-2019-4732

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-02-03T17:15:14.627

Modified: 2020-02-06T18:24:35.180

Link: CVE-2019-4732

JSON object: View

Redhat Information

No data.

CWE

CWE-426

{"containers": {"cna": {"affected": [{"product": "Java", "vendor": "IBM", "versions": [{"status": "affected", "version": "7.0.0.0"}, {"status": "affected", "version": "7.1.0.0"}, {"status": "affected", "version": "8.0.0.0"}, {"status": "affected", "version": "7.0.10.55"}, {"status": "affected", "version": "7.1.4.55"}, {"status": "affected", "version": "8.0.6.0"}]}], "datePublic": "2020-01-31T00:00:00", "descriptions": [{"lang": "en", "value": "IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitCodeMaturity": "UNPROVEN", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "remediationLevel": "OFFICIAL_FIX", "reportConfidence": "CONFIRMED", "scope": "CHANGED", "temporalScore": 6.3, "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AC:H/AV:L/PR:H/I:H/C:H/A:H/S:C/UI:R/E:U/RC:C/RL:O", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Gain Privileges", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-03T16:45:18", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.ibm.com/support/pages/node/1288060"}, {"name": "ibm-sdk-cve20194732-code-exec (172618)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172618"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "DATE_PUBLIC": "2020-01-31T00:00:00", "ID": "CVE-2019-4732", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Java", "version": {"version_data": [{"version_value": "7.0.0.0"}, {"version_value": "7.1.0.0"}, {"version_value": "8.0.0.0"}, {"version_value": "7.0.10.55"}, {"version_value": "7.1.4.55"}, {"version_value": "8.0.6.0"}]}}]}, "vendor_name": "IBM"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618."}]}, "impact": {"cvssv3": {"BM": {"A": "H", "AC": "H", "AV": "L", "C": "H", "I": "H", "PR": "H", "S": "C", "UI": "R"}, "TM": {"E": "U", "RC": "C", "RL": "O"}}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Gain Privileges"}]}]}, "references": {"reference_data": [{"name": "https://www.ibm.com/support/pages/node/1288060", "refsource": "CONFIRM", "title": "IBM Security Bulletin 1288060 (Java)", "url": "https://www.ibm.com/support/pages/node/1288060"}, {"name": "ibm-sdk-cve20194732-code-exec (172618)", "refsource": "XF", "title": "X-Force Vulnerability Report", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172618"}]}}}}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2019-4732", "datePublished": "2020-01-31T00:00:00", "dateReserved": "2019-01-03T00:00:00", "dateUpdated": "2020-02-03T16:45:18", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*", "matchCriteriaId": "8744D28C-4CBA-4777-89DC-8BBE1AD327A1", "versionEndIncluding": "7.0.10.55", "versionStartIncluding": "7.0.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*", "matchCriteriaId": "8D4B39C8-9D08-41A6-9173-75FB13F597CF", "versionEndIncluding": "7.1.4.55", "versionStartIncluding": "7.1.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:sdk:*:*:*:*:java_technology:*:*:*", "matchCriteriaId": "05936C33-90D9-46B5-B5F5-52CC13595ABA", "versionEndIncluding": "8.0.6.0", "versionStartIncluding": "8.0.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "B0905C80-A1BA-49CD-90CA-9270ECC3940C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "07EBB48B-4EE2-4333-851E-BA1B104FBE92", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*", "matchCriteriaId": "E30E8CE2-9137-4669-AE86-FB8ED0899736", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "C4F6F77C-2C0D-4A31-B2A0-DB1C4296FF5E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618."}, {"lang": "es", "value": "IBM SDK, Java Technology Edition Versi\u00f3n versiones 7.0.0.0 hasta 7.0.10.55, versiones 7.1.0.0 hasta 7.1.4.55 y versiones 8.0.0.0 hasta 8.0.6.0, podr\u00edan permitir a un atacante autenticado local ejecutar c\u00f3digo arbitrario en el sistema, causado por una vulnerabilidad de secuestro del orden de b\u00fasqueda de DLL en el cliente de Microsoft Windows. Mediante la colocaci\u00f3n de un archivo especialmente dise\u00f1ado en una carpeta comprometida, un atacante podr\u00eda explotar esta vulnerabilidad para ejecutar c\u00f3digo arbitrario en el sistema. ID de IBM X-Force: 172618."}], "id": "CVE-2019-4732", "lastModified": "2020-02-06T18:24:35.180", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 0.6, "impactScore": 6.0, "source": "psirt@us.ibm.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-02-03T17:15:14.627", "references": [{"source": "psirt@us.ibm.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172618"}, {"source": "psirt@us.ibm.com", "tags": ["Vendor Advisory"], "url": "https://www.ibm.com/support/pages/node/1288060"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}], "source": "nvd@nist.gov", "type": "Primary"}]}