CVE-2024-1488
Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.
Se encontró una vulnerabilidad en Unbound debido a permisos predeterminados incorrectos, lo que permite que cualquier proceso fuera del grupo independiente modifique la configuración del tiempo de ejecución independiente. Si un proceso puede conectarse a través de localhost al puerto 8953, puede alterar la configuración de unbound.service. Esta falla permite que un atacante sin privilegios manipule una instancia en ejecución, alterando potencialmente a los reenviadores, permitiéndoles rastrear todas las consultas enviadas por el solucionador local y, en algunos casos, interrumpiendo la resolución por completo.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-02-14 CVE Reserved
- 2024-02-15 CVE Published
- 2024-04-15 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-15: External Control of System or Configuration Setting
CAPEC
References (10)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2024:1750 | 2024-05-08 | |
| https://access.redhat.com/errata/RHSA-2024:1751 | 2024-05-08 | |
| https://access.redhat.com/errata/RHSA-2024:1780 | 2024-05-08 | |
| https://access.redhat.com/errata/RHSA-2024:1801 | 2024-05-08 | |
| https://access.redhat.com/errata/RHSA-2024:1802 | 2024-05-08 | |
| https://access.redhat.com/errata/RHSA-2024:1804 | 2024-05-08 | |
| https://access.redhat.com/errata/RHSA-2024:2587 | 2024-05-08 | |
| https://access.redhat.com/errata/RHSA-2024:2696 | 2024-05-08 | |
| https://access.redhat.com/security/cve/CVE-2024-1488 | 2024-05-06 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2264183 | 2024-05-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| - | - | - | - | - | ||||||