Vulnerability Details : CVE-2019-12522
An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
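As an added illustration (not code from this page, from Squid, or from the advisory), the following C program shows the check a defender wants for the condition described above: a privilege drop is only permanent when the real, effective and saved UIDs all equal the unprivileged target, which seteuid()-style calls do not guarantee but setresuid() does. It assumes Linux/glibc (setresuid, getresuid, setgroups); the uid 65534 mentioned in comments is a constructed stand-in for the nobody account.

```c
#define _GNU_SOURCE          /* setresuid/getresuid/setgroups on glibc */
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <grp.h>

/* Returns 1 only when real, effective and saved UID all equal the
 * unprivileged target, so no later setuid(0)/seteuid(0) can succeed.
 * A saved UID of 0 (the CVE-2019-12522 condition) yields 0. */
int uids_fully_dropped(uid_t ruid, uid_t euid, uid_t suid, uid_t target)
{
    if (target == 0)
        return 0;                 /* "dropping" to root is not a drop */
    return ruid == target && euid == target && suid == target;
}

/* Permanently drop to uid/gid (e.g. 65534 for nobody, constructed value).
 * Groups first, while still privileged; setresuid() sets all three UIDs
 * at once, unlike seteuid(), which leaves the saved UID untouched. */
int drop_privileges_permanently(uid_t uid, gid_t gid)
{
    uid_t r, e, s;

    if (uid == 0 || gid == 0)
        return -1;
    if (getuid() == 0 && setgroups(0, NULL) != 0)
        return -1;                /* only root may clear the group list */
    if (setresgid(gid, gid, gid) != 0 || setresuid(uid, uid, uid) != 0)
        return -1;
    /* Verify rather than trust: read all three UIDs back. */
    if (getresuid(&r, &e, &s) != 0)
        return -1;
    return uids_fully_dropped(r, e, s, uid) ? 0 : -1;
}

int main(void)
{
    uid_t r, e, s;

    /* Demo on the current process: an unprivileged user drops to itself. */
    if (drop_privileges_permanently(getuid(), getgid()) != 0) {
        fprintf(stderr, "drop failed (run as an unprivileged user)\n");
        return 1;
    }
    getresuid(&r, &e, &s);
    printf("ruid=%u euid=%u suid=%u fully_dropped=%d\n", (unsigned)r,
           (unsigned)e, (unsigned)s, uids_fully_dropped(r, e, s, getuid()));
    return 0;
}
```

Running the demo as root is refused by design; the point is that a daemon which reports a non-zero triple from getresuid() after dropping cannot be returned to root by a compromised child.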
Products affected by CVE-2019-12522
- cpe:2.3:a:squid-cache:squid:*:*:*:*:*:*:*:*
Threat overview for CVE-2019-12522
- Top open port discovered on systems with this issue: 3128
- IPs affected by CVE-2019-12522: 1,292,704
- Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2019-12522
- EPSS score: 0.04% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~10% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2019-12522
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
4.4 | MEDIUM | AV:L/AC:M/Au:N/C:P/I:P/A:P | 3.4 | 6.4 | NIST |
4.5 | MEDIUM | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L | 1.0 | 3.4 | NIST |
CWE ids for CVE-2019-12522
- The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-12522
- https://security.netapp.com/advisory/ntap-20210205-0006/ (January 2021 Squid Vulnerabilities in NetApp Products | NetApp Product Security) - Third Party Advisory
- https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12522.txt (squid/CVEs/CVE-2019-12522.txt · master · Jeriko One / Security · GitLab) - Third Party Advisory