CVE-2019-1552

Summary

CVE	CVE-2019-1552
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2019-07-30 17:15:00 UTC
Updated	2023-11-07 03:08:00 UTC
Description	OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable with the --prefix / --openssldir configuration options. For OpenSSL versions 1.1.0 and 1.1.1, the mingw configuration targets assume that resulting programs and libraries are installed in a Unix-like environment and the default prefix for program installation as well as for OPENSSLDIR should be '/usr/local'. However, mingw programs are Windows programs, and as such, find themselves looking at sub-directories of 'C:/usr/local', which may be world writable, which enables untrusted users to modify OpenSSL's default configuration, insert CA certificates, modify (or even replace) existing engine modules, etc. For OpenSSL 1.0.2, '/usr/local/ssl' is used as default for OPENSSLDIR on all Unix and Windows targets, including Visual C builds. However, some build instructions for the diverse Windows targets on 1.0.2 encourage you to specify your own --prefix. OpenSSL versions 1.1.1, 1.1.0 and 1.0.2 are affected by this issue. Due to the limited scope of affected deployments this has been assessed as low severity and therefore we are not creating new releases at this time. Fixed in OpenSSL 1.1.1d (Affected 1.1.1-1.1.1c). Fixed in OpenSSL 1.1.0l (Affected 1.1.0-1.1.0k). Fixed in OpenSSL 1.0.2t (Affected 1.0.2-1.0.2s).

Risk And Classification

Problem Types: CWE-295

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Openssl	Openssl	All	All	All	All
Application	Openssl	Openssl	All	All	All	All
Application	Openssl	Openssl	All	All	All	All

References

Reference	Source	Link	Tags
myF5		support.f5.com
[SECURITY] Fedora 30 Update: compat-openssl10-1.0.2o-7.fc30 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
git.openssl.org Git - openssl.git/commitdiff		git.openssl.org
[SECURITY] Fedora 31 Update: compat-openssl10-1.0.2o-8.fc31 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
[SECURITY] Fedora 30 Update: compat-openssl10-1.0.2o-7.fc30 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
[SECURITY] Fedora 29 Update: compat-openssl10-1.0.2o-7.fc29 - package-announce - Fedora Mailing-Lists	FEDORA	lists.fedoraproject.org
Oracle Critical Patch Update Advisory - July 2020	MISC	www.oracle.com
[R1] Tenable.sc 5.13.0 Fixes Multiple Third-Party Vulnerabilities - Security Advisory \| Tenable®	CONFIRM	www.tenable.com
Oracle Critical Patch Update Advisory - October 2020	MISC	www.oracle.com
git.openssl.org Git - openssl.git/commitdiff	CONFIRM	git.openssl.org	Mailing List, Patch, Vendor Advisory
support.f5.com/csp/article/K94041354	CONFIRM	support.f5.com
Security Bulletin - Policy Auditor update fixes multiple vulnerabilities in third-party libraries (CVE-2016-0718, CVE-2016-4472, CVE-2016-5300, CVE-2017-17740, CVE-2017-9287, CVE-2019-13057, CVE-2020-15719, CVE-2019-1543, CVE-2019-1547, CVE-2019-1552, CVE-2019-1563, CVE-2019-8457, CVE-2018-20506, CVE-2018-20346, CVE-2019-16168, CVE-2017-12627)	CONFIRM	kc.mcafee.com
git.openssl.org Git - openssl.git/commitdiff	CONFIRM	git.openssl.org	Mailing List, Vendor Advisory
support.f5.com/csp/article/K94041354	CONFIRM	support.f5.com
[R1] Nessus Network Monitor 5.11.0 Fixes Multiple Third-party Vulnerabilities - Security Advisory \| Tenable®	CONFIRM	www.tenable.com
[SECURITY] Fedora 29 Update: compat-openssl10-1.0.2o-7.fc29 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
www.openssl.org/news/secadv/20190730.txt	CONFIRM	www.openssl.org	Vendor Advisory
git.openssl.org Git - openssl.git/commitdiff	CONFIRM	git.openssl.org	Mailing List, Patch, Vendor Advisory
git.openssl.org Git - openssl.git/commitdiff	CONFIRM	git.openssl.org	Mailing List, Patch, Vendor Advisory
VU#429301 - Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location	CERT-VN	www.kb.cert.org
cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf	CONFIRM	cert-portal.siemens.com
[SECURITY] Fedora 31 Update: compat-openssl10-1.0.2o-8.fc31 - package-announce - Fedora Mailing-Lists		lists.fedoraproject.org
git.openssl.org Git - openssl.git/commitdiff		git.openssl.org
Oracle Critical Patch Update - October 2019	MISC	www.oracle.com
Oracle Critical Patch Update Advisory - January 2020	MISC	www.oracle.com
Oracle Critical Patch Update Advisory - April 2020	N/A	www.oracle.com
CVE-2019-1552 OpenSSL Vulnerability in NetApp Products \| NetApp Product Security	CONFIRM	security.netapp.com
git.openssl.org Git - openssl.git/commitdiff		git.openssl.org
git.openssl.org Git - openssl.git/commitdiff		git.openssl.org
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

Vendor Comments And Credit

Discovery Credit

LEGACY: Rich Mirch

Legacy QID Mappings

296078 Oracle Solaris 11.4 Support Repository Update (SRU) 16.4.0 Missing (CPUOCT2019)
591280 Siemens SCALANCE X-200RNA Switch Devices Denial of Service (DoS) Multiple Vulnerabilities (ICSA-22-349-21, SSA-412672)