{ "threat_severity" : "Important", "public_date" : "2019-12-13T00:00:00Z", "bugzilla" : { "description" : "ksh: certain environment variables interpreted as arithmetic expressions on startup, leading to code injection", "id" : "1757324", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1757324" }, "cvss3" : { "cvss3_base_score" : "7.4", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "status" : "verified" }, "cwe" : "CWE-77", "details" : [ "In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely.", "A flaw was found in the way ksh evaluates certain environment variables. An attacker could use this flaw to override or bypass environment restrictions to execute shell commands. Services and applications that allow remote unauthenticated attackers to provide one of those environment variables could allow them to exploit this issue remotely." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2020-02-17T00:00:00Z", "advisory" : "RHSA-2020:0515", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "ksh-0:20120801-38.el6_10" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-02-24T00:00:00Z", "advisory" : "RHSA-2020:0568", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "ksh-0:20120801-140.el7_7" }, { "product_name" : "Red Hat Enterprise Linux 7.2 Advanced Update Support", "release_date" : "2020-12-07T00:00:00Z", "advisory" : "RHSA-2020:5352", "cpe" : "cpe:/o:redhat:rhel_aus:7.2", "package" : "ksh-0:20120801-26.el7_2" }, { "product_name" : "Red Hat Enterprise Linux 7.3 Advanced Update Support", "release_date" : "2020-12-07T00:00:00Z", "advisory" : "RHSA-2020:5351", "cpe" : "cpe:/o:redhat:rhel_aus:7.3", "package" : "ksh-0:20120801-27.el7_3" }, { "product_name" : "Red Hat Enterprise Linux 7.4 Advanced Update Support", "release_date" : "2020-05-19T00:00:00Z", "advisory" : "RHSA-2020:2210", "cpe" : "cpe:/o:redhat:rhel_aus:7.4", "package" : "ksh-0:20120801-36.el7_4" }, { "product_name" : "Red Hat Enterprise Linux 7.4 Telco Extended Update Support", "release_date" : "2020-05-19T00:00:00Z", "advisory" : "RHSA-2020:2210", "cpe" : "cpe:/o:redhat:rhel_tus:7.4", "package" : "ksh-0:20120801-36.el7_4" }, { "product_name" : "Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions", "release_date" : "2020-05-19T00:00:00Z", "advisory" : "RHSA-2020:2210", "cpe" : "cpe:/o:redhat:rhel_e4s:7.4", "package" : "ksh-0:20120801-36.el7_4" }, { "product_name" : "Red Hat Enterprise Linux 7.5 Extended Update Support", "release_date" : "2020-04-06T00:00:00Z", "advisory" : "RHSA-2020:1332", "cpe" : "cpe:/o:redhat:rhel_eus:7.5", "package" : "ksh-0:20120801-138.el7_5" }, { "product_name" : "Red Hat Enterprise Linux 7.6 Extended Update Support", "release_date" : "2020-04-06T00:00:00Z", "advisory" : "RHSA-2020:1333", "cpe" : "cpe:/o:redhat:rhel_eus:7.6", "package" : "ksh-0:20120801-140.el7_6" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2020-02-20T00:00:00Z", "advisory" : "RHSA-2020:0559", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "ksh-0:20120801-253.el8_1" }, { "product_name" : "Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions", "release_date" : "2020-02-05T00:00:00Z", "advisory" : "RHSA-2020:0431", "cpe" : "cpe:/a:redhat:rhel_e4s:8.0", "package" : "ksh-0:20120801-253.el8_0" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Out of support scope", "package_name" : "ksh", "cpe" : "cpe:/o:redhat:enterprise_linux:5" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-14868\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-14868" ], "name" : "CVE-2019-14868", "mitigation" : { "value" : "No known mitigation available.", "lang" : "en:us" }, "csaw" : false }