KDE KAuth up to 5.54 Helpers DBusHelperProxy.cpp Parameter privilege escalation
| CVSS Meta Temp Score | Current Exploit Price (≈) |
|---|---|
| 7.6 | $0-$5k |
A vulnerability was found in KDE KAuth up to 5.54. It has been classified as critical. Affected is code of the file DBusHelperProxy.cpp of the component Helpers. The manipulation as part of a Parameter leads to a privilege escalation vulnerability. CWE is classifying the issue as CWE-269. This is going to have an impact on confidentiality, integrity, and availability.
The weakness was released 05/07/2019 as Bug 1124863 as bug report (Bugzilla). The advisory is available at bugzilla.suse.com. This vulnerability is traded as CVE-2019-7443 since 02/05/2019. Technical details are known, but there is no available exploit.
Upgrading to version 5.55 eliminates this vulnerability.
Vendor
Name
VulDB Meta Base Score: 8.0
VulDB Meta Temp Score: 7.6
VulDB Base Score: ≈8.0
VulDB Temp Score: ≈7.6
VulDB Vector: ?
VulDB Reliability: ?
VulDB Base Score: ?
VulDB Temp Score: ?
VulDB Reliability: ?
Class: Privilege escalation (CWE-269)
Local: Yes
Remote: No
Availability: ?
Status: Not defined
Price Prediction: ?
Current Price Estimation: ?
| 0-Day | unlock | unlock | unlock | unlock |
|---|---|---|---|---|
| Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Threat: ?
Adversaries: ?
Geopolitics: ?
Economy: ?
Predictions: ?
Remediation: ?Recommended: Upgrade
Status: ?
0-Day Time: ?
Upgrade: KAuth 5.55
02/05/2019 CVE assigned
05/07/2019 Advisory disclosed
05/08/2019 VulDB entry created
05/08/2019 VulDB last updateAdvisory: Bug 1124863
CVE: CVE-2019-7443 (?)
Created: 05/08/2019 07:32 AM
Complete: ?
See the underground prices here!
https://vuldb.com/?id.134466
Gloss