Details of VAR-201904-0200

ID

VAR-201904-0200

CVE

CVE-2019-8452

TITLE

Check Point ZoneAlarm and Endpoint Security client Permissions vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-004334

DESCRIPTION

A hard-link created from log file archive of Check Point ZoneAlarm up to 15.4.062 or Check Point Endpoint Security client for Windows before E80.96 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file. Check Point ZoneAlarm is a network firewall program of Israel Check Point Company. An attacker could exploit this vulnerability to gain elevated privileges

Trust: 1.71

sources: NVD: CVE-2019-8452 // JVNDB: JVNDB-2019-004334 // VULHUB: VHN-159887

AFFECTED PRODUCTS

vendor:	checkpoint	model:	endpoint security	scope:	lt	version:	e80.96	Trust: 1.0
vendor:	checkpoint	model:	zonealarm	scope:	lte	version:	15.4.062	Trust: 1.0
vendor:	check point	model:	endpoint security	scope:	lt	version:	e80.96	Trust: 0.8
vendor:	check point	model:	zonealarm	scope:	lte	version:	15.4.062	Trust: 0.8

sources: JVNDB: JVNDB-2019-004334 // NVD: CVE-2019-8452

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-8452
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-8452
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201904-930
value:	HIGH
Trust: 0.6
VULHUB:	VHN-159887
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2019-8452
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-159887
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-8452
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2019-8452
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-159887 // JVNDB: JVNDB-2019-004334 // CNNVD: CNNVD-201904-930 // NVD: CVE-2019-8452

PROBLEMTYPE DATA

problemtype:	CWE-59	Trust: 1.1
problemtype:	CWE-65	Trust: 1.0
problemtype:	CWE-275	Trust: 0.9

sources: VULHUB: VHN-159887 // JVNDB: JVNDB-2019-004334 // NVD: CVE-2019-8452

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201904-930

TYPE

post link

Trust: 0.6

sources: CNNVD: CNNVD-201904-930

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-004334

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-159887

PATCH

title:	ZoneAlarm Free Antivirus + Firewall version 15.4.260.17960	url:	https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960	Trust: 0.8
title:	sk150012	url:	https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk150012	Trust: 0.8
title:	Check Point ZoneAlarm Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91756	Trust: 0.6

sources: JVNDB: JVNDB-2019-004334 // CNNVD: CNNVD-201904-930

EXTERNAL IDS

db:	NVD	id:	CVE-2019-8452	Trust: 2.5
db:	PACKETSTORM	id:	154754	Trust: 1.7
db:	JVNDB	id:	JVNDB-2019-004334	Trust: 0.8
db:	CNNVD	id:	CNNVD-201904-930	Trust: 0.7
db:	EXPLOIT-DB	id:	47471	Trust: 0.6
db:	VULHUB	id:	VHN-159887	Trust: 0.1

sources: VULHUB: VHN-159887 // JVNDB: JVNDB-2019-004334 // CNNVD: CNNVD-201904-930 // NVD: CVE-2019-8452

REFERENCES

url:	http://packetstormsecurity.com/files/154754/checkpoint-endpoint-security-client-zonealarm-privilege-escalation.html	Trust: 1.7
url:	https://www.zonealarm.com/software/release-history/zafavfw.html#15.4.260.17960	Trust: 1.7
url:	https://supportcenter.us.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk150012	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-8452	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8452	Trust: 0.8
url:	https://www.exploit-db.com/exploits/47471	Trust: 0.6
url:	https://vigilance.fr/vulnerability/zonealarm-antivirus-firewall-three-vulnerabilities-29075	Trust: 0.6
url:	https://vigilance.fr/vulnerability/check-point-endpoint-security-file-corruption-29162	Trust: 0.6
url:	https://supportcenter.us.checkpoint.com/supportcenter/portal?eventsubmit_dogoviewsolutiondetails=&solutionid=sk150012	Trust: 0.1

sources: VULHUB: VHN-159887 // JVNDB: JVNDB-2019-004334 // CNNVD: CNNVD-201904-930 // NVD: CVE-2019-8452

CREDITS

Jakub Palaczynski

Trust: 0.6

sources: CNNVD: CNNVD-201904-930

SOURCES

db:	VULHUB	id:	VHN-159887
db:	JVNDB	id:	JVNDB-2019-004334
db:	CNNVD	id:	CNNVD-201904-930
db:	NVD	id:	CVE-2019-8452

LAST UPDATE DATE

2024-11-23T23:11:54.037000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-159887	date:	2020-10-22T00:00:00
db:	JVNDB	id:	JVNDB-2019-004334	date:	2019-05-30T00:00:00
db:	CNNVD	id:	CNNVD-201904-930	date:	2020-10-23T00:00:00
db:	NVD	id:	CVE-2019-8452	date:	2024-11-21T04:49:55.833

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-159887	date:	2019-04-22T00:00:00
db:	JVNDB	id:	JVNDB-2019-004334	date:	2019-05-30T00:00:00
db:	CNNVD	id:	CNNVD-201904-930	date:	2019-04-18T00:00:00
db:	NVD	id:	CVE-2019-8452	date:	2019-04-22T22:29:00.527