Vulnerability CVE-2019-12816

Vulnerability Name:

CVE-2019-12816 (CCN-162667)

Assigned:

2019-06-12

Published:

2019-06-12

Updated:

2020-08-24

Summary:

Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-admin users to escalate privileges and execute arbitrary code by loading a module with a crafted name.

CVSS v3 Severity:

8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

8.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
7.7 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

6.5 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

9.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-20

Vulnerability Consequences:

Gain Privileges

References:

Source: MITRE
Type: CNA
CVE-2019-12816

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:1775

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2019:1859

Source: XF
Type: UNKNOWN
znc-cve201912816-priv-esc(162667)

Source: CCN
Type: znc GIT Repository
Fix remote code execution and privilege escalation vulnerability.

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311

Source: CONFIRM
Type: Patch, Third Party Advisory
https://github.com/znc/znc/compare/be1b6bc...d1997d6

Source: MLIST
Type: UNKNOWN
[debian-lts-announce] 20190620 [SECURITY] [DLA 1830-1] znc security update

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-0e70ef9cbb

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-154930f99b

Source: FEDORA
Type: UNKNOWN
FEDORA-2019-233d9b9a5e

Source: BUGTRAQ
Type: Third Party Advisory
20190617 [SECURITY] [DSA 4463-1] znc security update

Source: CCN
Type: BugTraq Mailing List, Fri, 14 Jun 2019 20:11:30 +0000
[SECURITY] [DSA 4463-1] znc security update

Source: GENTOO
Type: UNKNOWN
GLSA-201908-15

Source: UBUNTU
Type: UNKNOWN
USN-4044-1

Vulnerable Configuration:

Configuration 1:

cpe:/a:znc:znc:*:*:*:*:*:*:*:* (Version <= 1.7.3)

Configuration CCN 1:

cpe:/a:znc:znc:1.7.0:*:*:*:*:*:*:*

OR cpe:/a:znc:znc:1.7.2:*:*:*:*:*:*:*

OR cpe:/a:znc:znc:1.7.3:*:*:*:*:*:*:*

OR cpe:/a:znc:znc:1.7.1:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201912816	V	CVE-2019-12816	2022-06-30
oval:org.opensuse.security:def:113626	P	znc-1.8.2-1.11 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:93430	P	(Important)	2021-12-01
oval:org.opensuse.security:def:107008	P	znc-1.8.2-1.11 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:62352	P	xalan-j2-2.7.2-9.64 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62832	P	texlive-collection-basic-2017.135.svn41616-9.12.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62353	P	xdg-utils-1.1.3+20190413-1.24 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63034	P	perl-Mail-SpamAssassin-Plugin-iXhash2-2.05-12.10.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:74287	P	Security update for gdk-pixbuf (Moderate)	2021-01-21
oval:org.opensuse.security:def:62376	P	docker-19.03.5_ce-6.31.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63172	P	nginx-1.14.0-1.14 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62553	P	libgxps-devel-0.3.0-4.3.29 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63398	P	jakarta-commons-fileupload-1.1.1-2.82 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:63859	P	Security update for systemd (Important)	2020-12-01
oval:org.opensuse.security:def:64221	P	btrfsmaintenance on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:63965	P	Security update for ceph (Important)	2020-12-01
oval:org.opensuse.security:def:74161	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:64067	P	Security update for libX11 (Moderate)	2020-12-01
oval:org.opensuse.security:def:63725	P	Security update for elfutils (Low)	2020-12-01
oval:org.opensuse.security:def:64109	P	Security update for bluez (Important)	2020-12-01
oval:org.opensuse.security:def:100143	P	Security update for znc (Important)	2019-08-13
oval:org.opensuse.security:def:109911	P	Security update for znc (Important)	2019-07-21
oval:com.ubuntu.bionic:def:2019128160000000	V	CVE-2019-12816 on Ubuntu 18.04 LTS (bionic) - medium.	2019-06-15
oval:com.ubuntu.disco:def:2019128160000000	V	CVE-2019-12816 on Ubuntu 19.04 (disco) - medium.	2019-06-15
oval:com.ubuntu.cosmic:def:2019128160000000	V	CVE-2019-12816 on Ubuntu 18.10 (cosmic) - medium.	2019-06-15
oval:com.ubuntu.xenial:def:2019128160000000	V	CVE-2019-12816 on Ubuntu 16.04 LTS (xenial) - medium.	2019-06-15

BACK