CVE-2019-9891
UnknownEPSS 3.26%
Last modified
CVE-2019-9891 is a vulnerability of currently unknown severity. The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184) allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo.. EPSS estimates a 3.26% chance of exploitation in the next 30 days.
Description
The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184) allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Tldp | Advanced Bash-Scripting Guide | All versions |
References
- https://www.redteam-pentesting.de/advisories/rt-sa-2019-007Exploit, Third Party Advisory
- https://www.redteam-pentesting.de/advisories/rt-sa-2019-007Exploit, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2019-9891?
The function getopt_simple as described in Advanced Bash Scripting Guide (ISBN 978-1435752184) allows privilege escalation and execution of commands when used in a shell script called, for example, via sudo.
How severe is CVE-2019-9891?
Severity scoring for CVE-2019-9891 is pending analysis. The EPSS model estimates a 3.26% probability of exploitation in the next 30 days.
How do I fix CVE-2019-9891?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2019-9891?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST