CVE-2019-9579 — HIGH (8.1) — White Hats Nepal

Vulnerability Description

An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. The SMB server allows an attacker to have unintended access, e.g., an attacker with WRITE_XATTR can change permissions. This occurs because of a combination of three factors: ZFS extended attributes are used to implement NT named streams, the SMB protocol requires implementations to have open handle semantics similar to those of NTFS, and the SMB server passes along certain attribute requests to the underlying object (i.e., they are not considered to be requests that pertain to the named stream).

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Illumos	Illumos	-
Nexenta	Nexentastor	4.0.5
Oracle	Solaris	11

Related Weaknesses (CWE)

CWE-276

References

https://www.illumos.org/issues/10506MitigationPatchVendor Advisory
https://www.oracle.com/security-alerts/cpuapr2020.htmlPatchThird Party Advisory
https://www.illumos.org/issues/10506MitigationPatchVendor Advisory
https://www.oracle.com/security-alerts/cpuapr2020.htmlPatchThird Party Advisory

FAQ

What is CVE-2019-9579?

CVE-2019-9579 is a vulnerability with a CVSS score of 8.1 (HIGH). An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. The SMB server allows an attacker to have unintended access, e.g., an attacker with WRITE_XATTR can chang...

How severe is CVE-2019-9579?

CVE-2019-9579 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-9579?

Check the references section above for vendor advisories and patch information. Affected products include: Illumos Illumos, Nexenta Nexentastor, Oracle Solaris.