Vulnerability Name:

CVE-2020-0570 (CCN-175452)

Assigned:2019-10-28
Published:2020-01-29
Updated:2021-09-21
Summary:Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.
CVSS v3 Severity:7.3 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
6.4 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
6.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
7.3 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)
6.4 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-426
CWE-73
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2020-0570

Source: CONFIRM
Type: Exploit, Patch, Vendor Advisory
https://bugreports.qt.io/browse/QTBUG-81272

Source: MISC
Type: Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1800604

Source: XF
Type: UNKNOWN
qt-cve20200570-code-exec(175452)

Source: CONFIRM
Type: Mailing List, Vendor Advisory
https://lists.qt-project.org/pipermail/development/2020-January/038534.html

Source: CCN
Type: oss-sec Mailing List, Wed, 29 Jan 2020 17:17:49 -0800
New Qt vulnerabilities

Source: CCN
Type: Qt Web site
One framework. One codebase. Any platform.

Vulnerable Configuration:Configuration 1:
  • cpe:/a:qt:qt:*:*:*:*:*:*:*:* (Version < 5.9.10)
  • OR cpe:/a:qt:qt:*:*:*:*:*:*:*:* (Version >= 5.10.0 and < 5.12.7)
  • OR cpe:/a:qt:qt:*:*:*:*:*:*:*:* (Version >= 5.13.0 and < 5.14.0)

    • Configuration 2:
  • cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:qt:qt:5.12.0:*:*:*:*:*:*:*
  • OR cpe:/a:qt:qt:5.14.0:-:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20200570
    V
    		CVE-2020-0570
    2023-06-22
    oval:org.opensuse.security:def:7551
    P
    		libQt5Concurrent-devel-5.15.8+kde185-150500.2.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7909
    P
    		libQt5OpenGLExtensions-devel-static-5.15.8+kde185-150500.2.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:696
    P
    		Security update for webkit2gtk3 (Important)
    2022-08-16
    oval:org.opensuse.security:def:3291
    P
    		libyaml-0-2-0.1.6-7.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:94601
    P
    		libQt5Concurrent-devel-5.15.2+kde294-150400.4.8 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94921
    P
    		libQt5OpenGLExtensions-devel-static-5.15.2+kde294-150400.4.8 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:2971
    P
    		libQt5Concurrent-devel-5.15.2+kde294-150400.4.8 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:1561
    P
    		Security update for the Linux Kernel (Important)
    2022-06-14
    oval:org.opensuse.security:def:1676
    P
    		Security update for xen (Important)
    2022-06-13
    oval:org.opensuse.security:def:99
    P
    		libQt5Concurrent-devel-5.12.7-4.12.2 on GA media (Moderate)
    2022-06-13
    oval:org.opensuse.security:def:94032
    P
    		 (Moderate)
    2022-06-02
    oval:org.opensuse.security:def:1205
    P
    		Security update for slurm (Important)
    2022-05-16
    oval:org.opensuse.security:def:100745
    P
    		 (Important)
    2022-02-04
    oval:org.opensuse.security:def:112555
    P
    		libQt5Bootstrap-devel-static-32bit-5.15.2+kde222-1.3 on GA media (Moderate)
    2022-01-17
    oval:org.opensuse.security:def:69963
    P
    		Security update for openssh (Important)
    2021-12-06
    oval:org.opensuse.security:def:106043
    P
    		libQt5Bootstrap-devel-static-32bit-5.15.2+kde222-1.3 on GA media (Moderate)
    2021-10-01
    oval:org.opensuse.security:def:1028
    P
    		Security update for ffmpeg (Important)
    2021-09-02
    oval:org.opensuse.security:def:101171
    P
    		libQt5OpenGLExtensions-devel-static-5.12.7-4.12.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:72484
    P
    		libQt5OpenGLExtensions-devel-static-5.12.7-4.12.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62765
    P
    		libQt5OpenGLExtensions-devel-static-5.12.7-4.12.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:71858
    P
    		libQt5Concurrent-devel-5.12.7-4.12.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:100875
    P
    		libQt5Concurrent-devel-5.12.7-4.12.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62117
    P
    		libQt5Concurrent-devel-5.12.7-4.12.2 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:93752
    P
    		 (Important)
    2021-07-14
    oval:org.opensuse.security:def:69683
    P
    		Security update for openexr (Important)
    2021-06-24
    oval:org.opensuse.security:def:69788
    P
    		Security update for glibc (Important)
    2021-02-26
    oval:org.opensuse.security:def:49083
    P
    		Security update for salt (Critical)
    2021-02-26
    oval:org.opensuse.security:def:66432
    P
    		Security update for java-1_8_0-ibm (Moderate)
    2020-12-23
    oval:org.opensuse.security:def:66712
    P
    		Security update for python3 (Important)
    2020-12-23
    oval:org.opensuse.security:def:73403
    P
    		Security update for xen (Moderate)
    2020-12-18
    oval:org.opensuse.security:def:72369
    P
    		libQt5OpenGLExtensions-devel-static-5.12.7-2.25 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107131
    P
    		libQt5Concurrent-devel-5.12.7-2.25 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:116969
    P
    		libQt5OpenGLExtensions-devel-static-5.12.7-2.25 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:62650
    P
    		libQt5OpenGLExtensions-devel-static-5.12.7-2.25 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:100465
    P
    		libQt5Concurrent-devel-5.12.7-2.25 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:107411
    P
    		libQt5OpenGLExtensions-devel-static-5.12.7-2.25 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:71526
    P
    		libQt5Concurrent-devel-5.12.7-2.25 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:61785
    P
    		libQt5Concurrent-devel-5.12.7-2.25 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:116689
    P
    		libQt5Concurrent-devel-5.12.7-2.25 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:49646
    P
    		libQt5OpenGLExtensions-devel-static on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:66340
    P
    		apache-commons-httpclient on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73005
    P
    		Security update for MozillaThunderbird (Important)
    2020-12-01
    oval:org.opensuse.security:def:70068
    P
    		libQt5OpenGLExtensions-devel-static on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73123
    P
    		libQt5Concurrent-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:66620
    P
    		rsync on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:73285
    P
    		perl-XML-LibXML on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49137
    P
    		libQt5Concurrent-devel on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:49592
    P
    		perl-Tk on GA media (Moderate)
    2020-12-01
    oval:com.redhat.rhsa:def:20204690
    P
    		RHSA-2020:4690: qt5-qtbase and qt5-qtwebsockets security and bug fix update (Moderate)
    2020-11-04
    oval:com.redhat.rhsa:def:20204025
    P
    		RHSA-2020:4025: qt5-qtbase security update (Moderate)
    2020-09-29
    oval:com.ubuntu.bionic:def:202005700000000
    V
    		CVE-2020-0570 on Ubuntu 18.04 LTS (bionic) - medium.
    2020-02-05
    oval:com.ubuntu.xenial:def:202005700000000
    V
    		CVE-2020-0570 on Ubuntu 16.04 LTS (xenial) - medium.
    2020-02-05
    BACK
    qt qt *
    qt qt *
    qt qt *
    redhat enterprise linux 7.0
    redhat enterprise linux 8.0
    qt qt 5.12.0
    qt qt 5.14.0 -