CVE-2019-10193

{"id": "CVE-2019-10193", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "secalert@redhat.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2019-07-11T19:15:12.720", "references": [{"url": "http://www.securityfocus.com/bid/109290", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:1819", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/errata/RHSA-2019:2002", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10193", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES", "tags": ["Release Notes", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES", "tags": ["Release Notes", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES", "tags": ["Release Notes", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://seclists.org/bugtraq/2019/Jul/19", "tags": ["Mailing List", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://security.gentoo.org/glsa/201908-04", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://usn.ubuntu.com/4061-1/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.debian.org/security/2019/dsa-4480", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.oracle.com/security-alerts/cpujul2020.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer."}, {"lang": "es", "value": "Se detect\u00f3 una vulnerabilidad de desbordamiento del b\u00fafer de la pila en hyperloglog data structure de Redis en las versiones 3.x anteriores a 3.2.13, versiones 4.x anteriores a 4.0.14 y versiones 5.x anteriores a 5.0.4. Por la corrupci\u00f3n de un hiperloglog usando el comando SETRANGE, un atacante podr\u00eda causar que Redis realizara incrementos controlados de hasta 12 bytes m\u00e1s all\u00e1 del final de un b\u00fafer asignado a la pila."}], "lastModified": "2021-10-28T12:14:51.763", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69CAD776-FA0E-499F-BA66-5C77DCC1B115", "versionEndExcluding": "3.2.13", "versionStartIncluding": "3.0.0"}, {"criteria": "cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B901D22B-C584-4BEE-98C2-9B11B9FBD7A7", "versionEndExcluding": "4.0.14", "versionStartIncluding": "4.0.0"}, {"criteria": "cpe:2.3:a:redislabs:redis:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4352C6A2-43E2-4DC7-BFD6-2A9E6A8B6EB9", "versionEndExcluding": "5.0.4", "versionStartIncluding": "5.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B"}, {"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA"}, {"criteria": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "704CFA1A-953E-4105-BFBE-406034B83DED"}, {"criteria": "cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB7F358B-5E56-41AB-BB8A-23D3CB7A248B"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92BC9265-6959-4D37-BE5E-8C45E98992F8"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "831F0F47-3565-4763-B16F-C87B1FF2035E"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0E3F09B5-569F-4C58-9FCA-3C0953D107B5"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B09ACF2D-D83F-4A86-8185-9569605D8EE1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD783B0C-9246-47D9-A937-6144FE8BFF0F"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D52F557F-D0A0-43D3-85F1-F10B6EBFAEDF"}, {"criteria": "cpe:2.3:a:oracle:communications_operations_monitor:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF30C76E-7E58-4D76-89A8-53405685DA86"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}