Vulnerability Name:

CVE-2019-3462 (CCN-155966)

Assigned:2018-12-31
Published:2019-01-18
Updated:2020-08-24
Summary:Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
CVSS v3 Severity:8.1 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.1 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.1 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.1 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2019-3462

Source: CCN
Type: IBM Security Bulletin 881778 (VRA - Vyatta 5600)
Vyatta 5600 vRouter Software Patches - Release 1801-v

Source: BID
Type: Third Party Advisory, VDB Entry
106690

Source: CCN
Type: Launchpad Bug #1812353
content injection in http method (CVE-2019-3462)

Source: XF
Type: UNKNOWN
apt-cve20193462-code-exec(155966)

Source: MLIST
Type: Mailing List, Vendor Advisory
[infra-devnull] 20190404 [GitHub] [incubator-openwhisk-runtime-ballerina] falkzoll commented on issue #15: Update to new base image jdk8u202-b08_openj9-0.12.1.

Source: MLIST
Type: Mailing List, Vendor Advisory
[debian-lts-announce] 20190122 [SECURITY] [DLA 1637-1] apt security update

Source: MLIST
Type: Mailing List, Vendor Advisory
[debian-lts-announce] 20190122 [SECURITY] [DLA 1637-1] apt security update (amended)

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20190125-0002/

Source: CCN
Type: The Hacker News Web site
Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems

Source: UBUNTU
Type: Third Party Advisory
USN-3863-1

Source: UBUNTU
Type: Third Party Advisory
USN-3863-2

Source: CCN
Type: Debian Web site
Advanced Package Tool (APT)

Source: DEBIAN
Type: Patch, Vendor Advisory
DSA-4371

Vulnerable Configuration:Configuration 1:
  • cpe:/a:debian:advanced_package_tool:*:*:*:*:*:*:*:* (Version < 1.2.30)
  • OR cpe:/a:debian:advanced_package_tool:*:*:*:*:*:*:*:* (Version >= 1.3 and <= 1.4.8)

    • Configuration 2:
  • cpe:/o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

    • Configuration 4:
  • cpe:/a:netapp:active_iq:-:*:*:*:*:*:*:*
  • OR cpe:/a:netapp:element_software:-:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:debian:advanced_package_tool:0.8.15:*:*:*:*:*:*:*
  • OR cpe:/a:debian:advanced_package_tool:1.4.8:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.bionic:def:20193462000
    V
    		CVE-2019-3462 on Ubuntu 18.04 LTS (bionic) - high.
    2019-01-28
    oval:com.ubuntu.cosmic:def:201934620000000
    V
    		CVE-2019-3462 on Ubuntu 18.10 (cosmic) - high.
    2019-01-28
    oval:com.ubuntu.cosmic:def:20193462000
    V
    		CVE-2019-3462 on Ubuntu 18.10 (cosmic) - high.
    2019-01-28
    oval:com.ubuntu.bionic:def:201934620000000
    V
    		CVE-2019-3462 on Ubuntu 18.04 LTS (bionic) - high.
    2019-01-28
    oval:com.ubuntu.trusty:def:20193462000
    V
    		CVE-2019-3462 on Ubuntu 14.04 LTS (trusty) - high.
    2019-01-28
    oval:com.ubuntu.xenial:def:201934620000000
    V
    		CVE-2019-3462 on Ubuntu 16.04 LTS (xenial) - high.
    2019-01-28
    oval:com.ubuntu.xenial:def:20193462000
    V
    		CVE-2019-3462 on Ubuntu 16.04 LTS (xenial) - high.
    2019-01-28
    BACK
    debian advanced package tool *
    debian advanced package tool *
    canonical ubuntu linux 12.04
    canonical ubuntu linux 14.04
    canonical ubuntu linux 16.04
    canonical ubuntu linux 18.04
    canonical ubuntu linux 18.10
    debian debian linux 8.0
    debian debian linux 9.0
    netapp active iq -
    netapp element software -
    debian apt 0.8.15
    debian apt 1.4.8