vulnerability

Amazon Linux AMI 2: CVE-2019-3695: Security patch for pcp (ALAS-2020-1561)

Try Surface Command
Back to search
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
Mar 3, 2020
Added
Nov 12, 2020
Modified
Sep 30, 2022

Description

A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows the user pcp to run code as root by placing it into /var/log/pcp/configs.sh This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1.

Solution(s)

amazon-linux-ami-2-upgrade-pcpamazon-linux-ami-2-upgrade-pcp-confamazon-linux-ami-2-upgrade-pcp-debuginfoamazon-linux-ami-2-upgrade-pcp-develamazon-linux-ami-2-upgrade-pcp-docamazon-linux-ami-2-upgrade-pcp-export-pcp2elasticsearchamazon-linux-ami-2-upgrade-pcp-export-pcp2graphiteamazon-linux-ami-2-upgrade-pcp-export-pcp2influxdbamazon-linux-ami-2-upgrade-pcp-export-pcp2jsonamazon-linux-ami-2-upgrade-pcp-export-pcp2sparkamazon-linux-ami-2-upgrade-pcp-export-pcp2xmlamazon-linux-ami-2-upgrade-pcp-export-pcp2zabbixamazon-linux-ami-2-upgrade-pcp-export-zabbix-agentamazon-linux-ami-2-upgrade-pcp-guiamazon-linux-ami-2-upgrade-pcp-import-collectl2pcpamazon-linux-ami-2-upgrade-pcp-import-ganglia2pcpamazon-linux-ami-2-upgrade-pcp-import-iostat2pcpamazon-linux-ami-2-upgrade-pcp-import-mrtg2pcpamazon-linux-ami-2-upgrade-pcp-import-sar2pcpamazon-linux-ami-2-upgrade-pcp-libsamazon-linux-ami-2-upgrade-pcp-libs-develamazon-linux-ami-2-upgrade-pcp-manageramazon-linux-ami-2-upgrade-pcp-pmda-activemqamazon-linux-ami-2-upgrade-pcp-pmda-apacheamazon-linux-ami-2-upgrade-pcp-pmda-bashamazon-linux-ami-2-upgrade-pcp-pmda-bind2amazon-linux-ami-2-upgrade-pcp-pmda-bondingamazon-linux-ami-2-upgrade-pcp-pmda-cifsamazon-linux-ami-2-upgrade-pcp-pmda-ciscoamazon-linux-ami-2-upgrade-pcp-pmda-dbpingamazon-linux-ami-2-upgrade-pcp-pmda-dmamazon-linux-ami-2-upgrade-pcp-pmda-dockeramazon-linux-ami-2-upgrade-pcp-pmda-ds389amazon-linux-ami-2-upgrade-pcp-pmda-ds389logamazon-linux-ami-2-upgrade-pcp-pmda-elasticsearchamazon-linux-ami-2-upgrade-pcp-pmda-gfs2amazon-linux-ami-2-upgrade-pcp-pmda-glusteramazon-linux-ami-2-upgrade-pcp-pmda-gpfsamazon-linux-ami-2-upgrade-pcp-pmda-gpsdamazon-linux-ami-2-upgrade-pcp-pmda-haproxyamazon-linux-ami-2-upgrade-pcp-pmda-infinibandamazon-linux-ami-2-upgrade-pcp-pmda-jsonamazon-linux-ami-2-upgrade-pcp-pmda-libvirtamazon-linux-ami-2-upgrade-pcp-pmda-lioamazon-linux-ami-2-upgrade-pcp-pmda-lmsensorsamazon-linux-ami-2-upgrade-pcp-pmda-loggeramazon-linux-ami-2-upgrade-pcp-pmda-lustreamazon-linux-ami-2-upgrade-pcp-pmda-lustrecommamazon-linux-ami-2-upgrade-pcp-pmda-mailqamazon-linux-ami-2-upgrade-pcp-pmda-memcacheamazon-linux-ami-2-upgrade-pcp-pmda-micamazon-linux-ami-2-upgrade-pcp-pmda-mountsamazon-linux-ami-2-upgrade-pcp-pmda-mysqlamazon-linux-ami-2-upgrade-pcp-pmda-namedamazon-linux-ami-2-upgrade-pcp-pmda-netfilteramazon-linux-ami-2-upgrade-pcp-pmda-newsamazon-linux-ami-2-upgrade-pcp-pmda-nfsclientamazon-linux-ami-2-upgrade-pcp-pmda-nginxamazon-linux-ami-2-upgrade-pcp-pmda-nvidia-gpuamazon-linux-ami-2-upgrade-pcp-pmda-oracleamazon-linux-ami-2-upgrade-pcp-pmda-pdnsamazon-linux-ami-2-upgrade-pcp-pmda-perfeventamazon-linux-ami-2-upgrade-pcp-pmda-postfixamazon-linux-ami-2-upgrade-pcp-pmda-postgresqlamazon-linux-ami-2-upgrade-pcp-pmda-prometheusamazon-linux-ami-2-upgrade-pcp-pmda-redisamazon-linux-ami-2-upgrade-pcp-pmda-roomtempamazon-linux-ami-2-upgrade-pcp-pmda-rpmamazon-linux-ami-2-upgrade-pcp-pmda-rsyslogamazon-linux-ami-2-upgrade-pcp-pmda-sambaamazon-linux-ami-2-upgrade-pcp-pmda-sendmailamazon-linux-ami-2-upgrade-pcp-pmda-shpingamazon-linux-ami-2-upgrade-pcp-pmda-slurmamazon-linux-ami-2-upgrade-pcp-pmda-smartamazon-linux-ami-2-upgrade-pcp-pmda-snmpamazon-linux-ami-2-upgrade-pcp-pmda-summaryamazon-linux-ami-2-upgrade-pcp-pmda-systemdamazon-linux-ami-2-upgrade-pcp-pmda-traceamazon-linux-ami-2-upgrade-pcp-pmda-unboundamazon-linux-ami-2-upgrade-pcp-pmda-vmwareamazon-linux-ami-2-upgrade-pcp-pmda-weblogamazon-linux-ami-2-upgrade-pcp-pmda-zimbraamazon-linux-ami-2-upgrade-pcp-pmda-zswapamazon-linux-ami-2-upgrade-pcp-selinuxamazon-linux-ami-2-upgrade-pcp-system-toolsamazon-linux-ami-2-upgrade-pcp-testsuiteamazon-linux-ami-2-upgrade-pcp-webapiamazon-linux-ami-2-upgrade-pcp-webapp-blinkenlightsamazon-linux-ami-2-upgrade-pcp-webapp-grafanaamazon-linux-ami-2-upgrade-pcp-webapp-graphiteamazon-linux-ami-2-upgrade-pcp-webapp-vectoramazon-linux-ami-2-upgrade-pcp-webjsamazon-linux-ami-2-upgrade-pcp-zeroconfamazon-linux-ami-2-upgrade-perl-pcp-logimportamazon-linux-ami-2-upgrade-perl-pcp-logsummaryamazon-linux-ami-2-upgrade-perl-pcp-mmvamazon-linux-ami-2-upgrade-perl-pcp-pmdaamazon-linux-ami-2-upgrade-python-pcp

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today