Vulnerability CVE-2022-1949

Vulnerability Name:

CVE-2022-1949 (CCN-228430)

Assigned:

2022-05-31

Published:

2022-05-31

Updated:

2022-06-13

Summary:

An access control bypass vulnerability found in 389-ds-base. That mishandling of the filter that would yield incorrect results, but as that has progressed, can be determined that it actually is an access control bypass. This may allow any remote unauthenticated user to issue a filter that allows searching for database items they do not have access to, including but not limited to potentially userPassword hashes and other sensitive data.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

6.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)
5.7 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): None Availibility (A): None

6.4 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

CWE-863

Vulnerability Consequences:

Bypass Security

References:

Source: MITRE
Type: CNA
CVE-2022-1949

Source: CCN
Type: Red Hat Bugzilla - Bug 2091781
(CVE-2022-1949) - CVE-2022-1949 389-ds-base: access control bypass by query (filter in LDAP terms) optimiser

Source: MISC
Type: Issue Tracking, Patch, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2091781

Source: XF
Type: UNKNOWN
389dsbase-cve20221949-sec-bypass(228430)

Vulnerable Configuration:

Configuration 1:

cpe:/a:port389:389-ds-base:*:*:*:*:*:*:*:* (Version >= 1.3.0.0 and <= 2.0.0)

Configuration 2:

cpe:/o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

OR cpe:/a:redhat:directory_server:11.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

OR cpe:/a:redhat:directory_server:12.0:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:549	P	Security update for 389-ds (Important)	2022-07-06
oval:org.opensuse.security:def:3760	P	Security update for 389-ds (Important)	2022-07-06
oval:org.opensuse.security:def:95393	P	Security update for 389-ds (Important)	2022-07-06
oval:org.opensuse.security:def:119608	P	Security update for 389-ds (Important)	2022-06-16
oval:org.opensuse.security:def:118928	P	Security update for 389-ds (Important)	2022-06-16
oval:org.opensuse.security:def:119233	P	Security update for 389-ds (Important)	2022-06-16
oval:org.opensuse.security:def:119423	P	Security update for 389-ds (Important)	2022-06-16
oval:org.opensuse.security:def:118738	P	Security update for 389-ds (Important)	2022-06-16
oval:org.opensuse.security:def:1678	P	Security update for 389-ds (Important)	2022-06-14

BACK