CVE-2019-14287

Scores

EPSS

EPSS score: 0.858 (high, 85.8%)

Percentile: 85.8%

CVSS

CVSS 3.x score: 7.0/10 (high)

All CVSS Scores

CVSS 3.x
7.0

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0
9.0

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Description

In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "sudo -u #$((0xffffffff))" command.
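The "USER= logging" bypass in the description means that on an unpatched sudo the audit line records the crafted target value rather than root, so the attempt is visible in the log even though the policy check was fooled. The script below is an added example, not part of the NVD entry or of sudo itself: it flags sudo log lines whose USER= field is the crafted uid (-1, or its unsigned 32-bit form 4294967295, which is what $((0xffffffff)) expands to). It assumes sudo's usual syslog layout ("... USER=<target> ; COMMAND=<cmd>"); the sample lines are constructed for the example, not real captures.

```shell
# Added example, not part of the advisory: flag sudo log lines whose target
# user is the crafted uid abused by CVE-2019-14287 (-1, or its unsigned
# 32-bit form 4294967295). Assumes sudo's usual syslog layout
# "... USER=<target> ; COMMAND=<cmd>". Function names are this example's own.

# Return 0 if the USER= field of one log line is a crafted uid, 1 otherwise.
is_crafted_uid_line() {
    # Take the text after "USER=" up to the next space or ";" separator.
    target=$(printf '%s\n' "$1" | sed -n 's/.*USER=\([^ ;]*\).*/\1/p')
    case "$target" in
        '#-1'|'#4294967295') return 0 ;;
    esac
    return 1
}

# Read log lines on stdin; echo each suspicious one prefixed with "SUSPICIOUS:".
flag_crafted_uid_lines() {
    while IFS= read -r line; do
        if is_crafted_uid_line "$line"; then
            printf 'SUSPICIOUS: %s\n' "$line"
        fi
    done
}

# Read log lines on stdin; print only how many were flagged.
count_crafted_uid_lines() {
    flag_crafted_uid_lines | grep -c '' || true
}

# Constructed sample log (not a real capture): one normal root invocation,
# two crafted-uid attempts, one legitimate non-root target.
SAMPLE_LOG='Oct 15 10:21:03 host sudo:   bob : TTY=pts/0 ; PWD=/home/bob ; USER=root ; COMMAND=/usr/bin/id
Oct 15 10:22:17 host sudo:   bob : TTY=pts/0 ; PWD=/home/bob ; USER=#-1 ; COMMAND=/usr/bin/id
Oct 15 10:23:40 host sudo: alice : TTY=pts/1 ; PWD=/home/alice ; USER=#4294967295 ; COMMAND=/bin/bash
Oct 15 10:24:02 host sudo: alice : TTY=pts/1 ; PWD=/home/alice ; USER=#1001 ; COMMAND=/usr/bin/vim'

printf '%s\n' "$SAMPLE_LOG" | flag_crafted_uid_lines

# Live use: feed the host's auth log, e.g.
#   grep 'sudo:' /var/log/auth.log | flag_crafted_uid_lines   # Debian/Ubuntu
#   grep 'sudo:' /var/log/secure   | flag_crafted_uid_lines   # RHEL family
```

A patched sudo rejects these target values outright, so on a fleet with mixed versions any hit is worth triage regardless of whether the command succeeded; a hit on a host whose sudoers carries a "(ALL, !root)" style Runas list is the case the description is about.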


Sources

astra, debian, nvd, redhat, ubuntu

CWEs

CWE-267 (Privilege Defined With Unsafe Actions), CWE-755 (Improper Handling of Exceptional Conditions)

Related Vulnerabilities

Exploits

Exploit ID: 47502

Source: exploitdb

URL: https://www.exploit-db.com/exploits/47502

Exploit ID: CVE-2019-14287

Source: github-poc

URL: https://github.com/Sindayifu/CVE-2019-14287-CVE-2014-6271

Recommendations

Source: nvd

All sudo users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-admin/sudo-1.8.31"

URL: https://security.gentoo.org/glsa/202003-12

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2020:0388

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2019:4191

Source: nvd

For OpenShift Container Platform 4.1 see the following documentation, which will be updated shortly for release 4.1.24, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html

URL: https://access.redhat.com/errata/RHSA-2019:3941

Source: nvd

See the following documentation, which will be updated shortly for release 4.2.5, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:
https://docs.openshift.com/container-platform/4.2/release_notes/ocp-4-2-release-notes.html

URL: https://access.redhat.com/errata/RHSA-2019:3916

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2019:3895

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2019:3755

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2019:3754

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2019:3694

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2019:3278

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2019:3219

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2019:3209

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2019:3205

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2019:3204

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

URL: https://access.redhat.com/errata/RHSA-2019:3197

Source: nvd

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/2974891

URL: https://access.redhat.com/errata/RHBA-2019:3248
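The advisories above all reduce to one question per host: is the installed sudo older than the fix, and does sudoers rely on a negated-root Runas list that the bug bypasses? The script below is an added example, not taken from any of the vendor advisories or from the sudo project: it compares an upstream sudo version string against 1.8.28 and lists sudoers entries whose Runas list excludes root (written as "!root" or the numeric "!#0"). Function names and the sample sudoers text are this example's own. The version test is only valid for upstream builds; the Red Hat packages listed below carry the fix under older version numbers (for example 1.8.23-4.el7_7.1), so on vendor builds check the package changelog instead.

```shell
# Added example (not from the advisories or the sudo project): local checks
# for CVE-2019-14287. Function names and sample data are this example's own.

# Return 0 if an upstream sudo version string (e.g. "1.8.27p1") is older
# than the fixed release 1.8.28, 1 otherwise. Only meaningful for upstream
# builds: vendor packages backport the fix under older version numbers.
sudo_version_is_vulnerable() {
    v=$1
    major=${v%%.*}
    rest=${v#*.}
    minor=${rest%%.*}
    patch=${rest#*.}
    patch=${patch%%p*}        # 1.8.27p1 -> 27 (drop the "pN" patchlevel)
    [ "$major" -lt 1 ] && return 0
    [ "$major" -gt 1 ] && return 1
    [ "$minor" -lt 8 ] && return 0
    [ "$minor" -gt 8 ] && return 1
    [ "$patch" -lt 28 ]
}

# Print uncommented sudoers lines whose Runas list excludes root, written
# as "!root" or the numeric "!#0". Reads sudoers text on stdin.
find_negated_root_runas() {
    grep -v '^[[:space:]]*#' | grep -E '\([^)]*![[:space:]]*(root|#0)[^)]*\)'
}

# Same, but print only the number of matching lines.
count_negated_root_runas() {
    find_negated_root_runas | grep -c '' || true
}

# Constructed sample sudoers (not a real file). bob, alice and dave have the
# "anyone except root" Runas spec that the crafted uid slips past.
SAMPLE_SUDOERS='# constructed sample sudoers for the example
Defaults    env_reset
root        ALL=(ALL:ALL) ALL
bob         ALL=(ALL, !root) /usr/bin/vim
alice       ALL=(ALL:ALL, !root) NOPASSWD: /usr/bin/less
carol       ALL=(www-data) /usr/bin/php
dave        ALL=(ALL, !#0) /bin/bash
%admin      ALL=(ALL) ALL'

printf '%s\n' "$SAMPLE_SUDOERS" | find_negated_root_runas
sudo_version_is_vulnerable "1.8.27p1" && echo "1.8.27p1 is older than the fixed 1.8.28"

# On a live host with an upstream build ("sudo --version" prints
# "Sudo version X.Y.Z" on its first line):
#   sudo_version_is_vulnerable "$(sudo --version | sed -n '1s/^Sudo version //p')" && echo vulnerable
#   find_negated_root_runas < /etc/sudoers     # and each file under /etc/sudoers.d
```

On Red Hat family systems use the package changelog rather than the version number, e.g. `rpm -q --changelog sudo | grep CVE-2019-14287`; on Debian and Ubuntu, `zcat /usr/share/doc/sudo/changelog.Debian.gz | grep CVE-2019-14287`. An empty result from either, on a version older than 1.8.28, means the fix is absent. Note that a "(ALL, !root)" entry is a weak control even on a patched sudo, since the user can still run the command as any other account; the upgrade closes this CVE, but the Runas list is worth tightening to the accounts actually needed.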

Vulnerable Software (43)

Type: Configuration

Product: redhat-release-virtualization-host

Operating System: rhel 7

Trait:
{  "fixed": "4.2-15.1.el7"}

Source: redhat

Type: Configuration

Product: redhat-virtualization-host

Operating System: rhel 7

Trait:
{  "fixed": "4.2-20191022.0.el7_6"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: rhel 5

Trait:
{  "fixed": "1.7.2p1-31.el5_11.1"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: rhel 6.5

Trait:
{  "fixed": "1.8.6p3-12.el6_5.2"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: rhel 6.6

Trait:
{  "fixed": "1.8.6p3-15.el6_6.2"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: rhel 7

Trait:
{  "fixed": "1.8.23-4.el7_7.1"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: rhel 7.2

Trait:
{  "fixed": "1.8.6p7-17.el7_2.2"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: rhel 7.3

Trait:
{  "fixed": "1.8.6p7-23.el7_3.2"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: rhel 7.4

Trait:
{  "fixed": "1.8.19p2-12.el7_4.1"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: rhel 7.5

Trait:
{  "fixed": "1.8.19p2-14.el7_5.1"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: rhel 7.6

Trait:
{  "fixed": "1.8.23-3.el7_6.1"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: rhel 8

Trait:
{  "fixed": "1.8.25p1-8.el8_1"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: rhel 8.0

Trait:
{  "fixed": "1.8.25p1-4.el8_0.2"}

Source: redhat

Type: Configuration

Product: sudo

Operating System: altlinux

Trait:
{  "fixed": "1:1.8.28-alt1"}

Source: redhat