CVE-2019-12522
low-risk
Published 2020-04-15
An issue was discovered in Squid through 4.7. When Squid is run as root, it spawns its child processes as a lesser user, by default the user nobody. This is done via the leave_suid call. leave_suid leaves the Saved UID as 0. This makes it trivial for an attacker who has compromised the child process to escalate their privileges back to root.
Do I need to act?
-
0.18% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.5/10
Medium
LOCAL
/ HIGH complexity
Affected Products (1)
Affected Vendors
References (4)
Third Party Advisory
https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12522.t...
Third Party Advisory
https://security.netapp.com/advisory/ntap-20210205-0006/
Third Party Advisory
https://gitlab.com/jeriko.one/security/-/blob/master/squid/CVEs/CVE-2019-12522.t...
Third Party Advisory
https://security.netapp.com/advisory/ntap-20210205-0006/
18
/ 100
low-risk
Severity
12/34 · Low
Exploitability
1/34 · Minimal
Exposure
5/34 · Minimal