CVE-2020-1958

{"id": "CVE-2020-1958", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2020-04-01T22:15:17.487", "references": [{"url": "https://lists.apache.org/thread.html/r026540c617d334007810cd8f0068f617b5c78444be00a31fc1b03390%40%3Ccommits.druid.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/r1526dbce98a138629a41daa06c13393146ddcaf8f9d273cc49d57681%40%3Ccommits.druid.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/r1c32c95543d44559b8d7fd89b0a85f728c80e8b715685bbf788a15a4%40%3Ccommits.druid.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/r47c90a378efdb3fd07ff7f74095b8eb63b3ca93b8ada5c2661c5e371%40%3Ccommits.druid.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/r75e74d39c41c1b95a658b6a9f75fc6fd02b1d1922566a0ee4ee2fdfc%40%3Ccommits.druid.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/r9d437371793b410f8a8e18f556d52d4bb68e18c537962f6a97f4945e%40%3Cdev.druid.apache.org%3E", "tags": ["Mailing List", "Vendor Advisory"], "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/rf70876ecafb45b314eff9d040c5281c4adb0cb7771eb029448cfb79b%40%3Cannounce.apache.org%3E", "source": "security@apache.org"}, {"url": "https://lists.apache.org/thread.html/rffabc9e83cc2831bbee5db32b3965b84b09346a26ebc1012db63d28c%40%3Ccommits.druid.apache.org%3E", "source": "security@apache.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-74"}]}], "descriptions": [{"lang": "en", "value": "When LDAP authentication is enabled in Apache Druid 0.17.0, callers of Druid APIs with a valid set of LDAP credentials can bypass the credentialsValidator.userSearch filter barrier that determines if a valid LDAP user is allowed to authenticate with Druid. They are still subject to role-based authorization checks, if configured. Callers of Druid APIs can also retrieve any LDAP attribute values of users that exist on the LDAP server, so long as that information is visible to the Druid server. This information disclosure does not require the caller itself to be a valid LDAP user."}, {"lang": "es", "value": "Cuando la autenticaci\u00f3n LDAP est\u00e1 habilitada en Apache Druid versi\u00f3n 0.17.0, las personas que llaman desde las API de Druid con un conjunto v\u00e1lido de credenciales LDAP pueden omitir la barrera de filtro credentialsValidator.userSearch que determina si un usuario LDAP v\u00e1lido est\u00e1 habilitado para autenticarse con Druid. A\u00fan est\u00e1n sujetos a comprobaciones de autorizaci\u00f3n basadas en roles, si est\u00e1n configuradas. Las personas que llaman de las API de Druid tambi\u00e9n pueden recuperar cualquiera de los valores de atributo LDAP de los usuarios que existan en el servidor LDAP, siempre que esa informaci\u00f3n este visible para el servidor Druid. Esta divulgaci\u00f3n de informaci\u00f3n no requiere que la persona que llama sea un usuario LDAP v\u00e1lido."}], "lastModified": "2023-11-07T03:19:38.300", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:druid:0.17.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26A864B6-C649-4405-886A-82FA0C2399F8"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}