CVE-2019-12522

An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.

• CVE ID
• CVE-2019-12522

• Assigner
• cve@mitre.org

• Vulnerability Status
• Analyzed

• Published Version
• 2020-04-15T19:15:12

• Last Modified Date
• 2021-03-10T17:27:49

• Version
• 2.0

• Vector String
• AV:L/AC:M/Au:N/C:P/I:P/A:P

• Access Vector
• LOCAL

• Access Compatibility
• MEDIUM

• Authentication
• NONE

• Confidentiality Impact
• PARTIAL

• Integrity Impact
• PARTIAL

• Availability Impact
• PARTIAL

• Base Score
• 4.4

• Severity
• MEDIUM

• Exploitability Score
• 3.4

• Impact Score
• 6.4

• Version
• 3.1

• Vector String
• CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

• Attack Vector
• LOCAL

• Attack Compatibility
• HIGH

• Privileges Required
• LOW

• User Interaction
• NONE

• Scope
• UNCHANGED

• Confidentiality Impact
• LOW

• Availability Impact
• LOW

• Base Score
• 4.5

• Base Severity
• MEDIUM

• Exploitability Score
• 1

• Impact Score
• 3.4