CVE-2022-21672 - OpenCVE

Vendors	Products
Linuxfromscratch	Make-ca

Link	Resource
https://github.com/lfs-book/make-ca/issues/19	Issue Tracking Mitigation Third Party Advisory
https://github.com/lfs-book/make-ca/pull/20	Patch Third Party Advisory
https://github.com/lfs-book/make-ca/security/advisories/GHSA-m5qh-728v-4xrx	Patch Third Party Advisory
https://lists.linuxfromscratch.org/sympa/arc/blfs-support/2022-01/msg00020.html	Mailing List Mitigation Vendor Advisory

{"containers": {"cna": {"affected": [{"product": "make-ca", "vendor": "lfs-book", "versions": [{"status": "affected", "version": ">= 0.9, < 1.10"}]}], "descriptions": [{"lang": "en", "value": "make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those explicitly untrusted certificates trusted by the system. The explicitly untrusted certificates were used by some CAs already hacked. Hostile attackers may perform a MIM attack exploiting them. Everyone using the affected versions of make-ca should upgrade to make-ca-1.10, and run `make-ca -f -g` as the `root` user to regenerate the trusted store immediately. As a workaround, users may delete the untrusted certificates from /etc/pki/tls and /etc/ssl/certs manually (or by a script), but this is not recommended because the manual changes will be overwritten next time running make-ca to update the trusted anchor."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-115", "description": "CWE-115: Misinterpretation of Input", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-01-10T21:00:13", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/lfs-book/make-ca/security/advisories/GHSA-m5qh-728v-4xrx"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/lfs-book/make-ca/issues/19"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/lfs-book/make-ca/pull/20"}, {"tags": ["x_refsource_MISC"], "url": "https://lists.linuxfromscratch.org/sympa/arc/blfs-support/2022-01/msg00020.html"}], "source": {"advisory": "GHSA-m5qh-728v-4xrx", "discovery": "UNKNOWN"}, "title": "/etc/pki/tls and /etc/ssl/certs include distrusted certificates in make-ca", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2022-21672", "STATE": "PUBLIC", "TITLE": "/etc/pki/tls and /etc/ssl/certs include distrusted certificates in make-ca"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "make-ca", "version": {"version_data": [{"version_value": ">= 0.9, < 1.10"}]}}]}, "vendor_name": "lfs-book"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those explicitly untrusted certificates trusted by the system. The explicitly untrusted certificates were used by some CAs already hacked. Hostile attackers may perform a MIM attack exploiting them. Everyone using the affected versions of make-ca should upgrade to make-ca-1.10, and run `make-ca -f -g` as the `root` user to regenerate the trusted store immediately. As a workaround, users may delete the untrusted certificates from /etc/pki/tls and /etc/ssl/certs manually (or by a script), but this is not recommended because the manual changes will be overwritten next time running make-ca to update the trusted anchor."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-115: Misinterpretation of Input"}]}]}, "references": {"reference_data": [{"name": "https://github.com/lfs-book/make-ca/security/advisories/GHSA-m5qh-728v-4xrx", "refsource": "CONFIRM", "url": "https://github.com/lfs-book/make-ca/security/advisories/GHSA-m5qh-728v-4xrx"}, {"name": "https://github.com/lfs-book/make-ca/issues/19", "refsource": "MISC", "url": "https://github.com/lfs-book/make-ca/issues/19"}, {"name": "https://github.com/lfs-book/make-ca/pull/20", "refsource": "MISC", "url": "https://github.com/lfs-book/make-ca/pull/20"}, {"name": "https://lists.linuxfromscratch.org/sympa/arc/blfs-support/2022-01/msg00020.html", "refsource": "MISC", "url": "https://lists.linuxfromscratch.org/sympa/arc/blfs-support/2022-01/msg00020.html"}]}, "source": {"advisory": "GHSA-m5qh-728v-4xrx", "discovery": "UNKNOWN"}}}}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-21672", "datePublished": "2022-01-10T21:00:13", "dateReserved": "2021-11-16T00:00:00", "dateUpdated": "2022-01-10T21:00:13", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:linuxfromscratch:make-ca:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DF45D07-0CDF-49E7-B12B-1A17B3357573", "versionEndExcluding": "1.10", "versionStartIncluding": "0.9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "make-ca is a utility to deliver and manage a complete PKI configuration for workstations and servers. Starting with version 0.9 and prior to version 1.10, make-ca misinterprets Mozilla certdata.txt and treats explicitly untrusted certificates like trusted ones, causing those explicitly untrusted certificates trusted by the system. The explicitly untrusted certificates were used by some CAs already hacked. Hostile attackers may perform a MIM attack exploiting them. Everyone using the affected versions of make-ca should upgrade to make-ca-1.10, and run `make-ca -f -g` as the `root` user to regenerate the trusted store immediately. As a workaround, users may delete the untrusted certificates from /etc/pki/tls and /etc/ssl/certs manually (or by a script), but this is not recommended because the manual changes will be overwritten next time running make-ca to update the trusted anchor."}, {"lang": "es", "value": "make-ca es una utilidad para entregar y administrar una configuraci\u00f3n PKI completa para estaciones de trabajo y servidores. A partir de la versi\u00f3n 0.9 y versiones anteriores a 1.10, make-ca malinterpreta Mozilla certdata.txt y trata los certificados expl\u00edcitamente no confiables como si fueran confiables, causando que esos certificados expl\u00edcitamente no confiables sean confiados por el sistema. Los certificados expl\u00edcitamente no confiables fueron usados por algunas CAs ya hackeadas. Los atacantes hostiles pueden llevar a cabo un ataque de tipo MIM explot\u00e1ndolos. Todos los que usen las versiones afectadas de make-ca deber\u00edan actualizar a make-ca-1.10, y ejecutar \"make-ca -f -g\" como usuario \"root\" para regenerar el almac\u00e9n confiable inmediatamente. Como soluci\u00f3n, los usuarios pueden borrar los certificados no confiables de /etc/pki/tls y /etc/ssl/certs manualmente (o mediante un script), pero no es recomendado porque los cambios manuales ser\u00e1n sobreescritos la pr\u00f3xima vez que sea ejecutado make-ca para actualizar el anclaje confiable"}], "id": "CVE-2022-21672", "lastModified": "2022-01-24T19:40:43.103", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-01-10T21:15:08.043", "references": [{"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Mitigation", "Third Party Advisory"], "url": "https://github.com/lfs-book/make-ca/issues/19"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/lfs-book/make-ca/pull/20"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/lfs-book/make-ca/security/advisories/GHSA-m5qh-728v-4xrx"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Mitigation", "Vendor Advisory"], "url": "https://lists.linuxfromscratch.org/sympa/arc/blfs-support/2022-01/msg00020.html"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-115"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

JSON object

JSON object

JSON object