ID CVE-2018-4700
Summary ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-4300. Reason: This candidate is a duplicate of CVE-2018-4300. Notes: All CVE users should reference CVE-2018-4300 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
References
Vulnerable Configurations
CVSS
Base: 5.0
Impact:
Exploitability:
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
redhat via4
advisories
bugzilla
id 1649347
title CVE-2018-4700 cups: Predictable session cookie breaks CSRF protection
oval
OR
  • comment Red Hat Enterprise Linux must be installed
    oval oval:com.redhat.rhba:tst:20070304026
  • AND
    • comment Red Hat Enterprise Linux 7 is installed
      oval oval:com.redhat.rhba:tst:20150364027
    • OR
      • AND
        • comment cups is earlier than 1:1.6.3-43.el7
          oval oval:com.redhat.rhsa:tst:20201050001
        • comment cups is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150386002
      • AND
        • comment cups-client is earlier than 1:1.6.3-43.el7
          oval oval:com.redhat.rhsa:tst:20201050003
        • comment cups-client is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150386004
      • AND
        • comment cups-devel is earlier than 1:1.6.3-43.el7
          oval oval:com.redhat.rhsa:tst:20201050005
        • comment cups-devel is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150386006
      • AND
        • comment cups-filesystem is earlier than 1:1.6.3-43.el7
          oval oval:com.redhat.rhsa:tst:20201050007
        • comment cups-filesystem is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150386008
      • AND
        • comment cups-ipptool is earlier than 1:1.6.3-43.el7
          oval oval:com.redhat.rhsa:tst:20201050009
        • comment cups-ipptool is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150386010
      • AND
        • comment cups-libs is earlier than 1:1.6.3-43.el7
          oval oval:com.redhat.rhsa:tst:20201050011
        • comment cups-libs is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150386012
      • AND
        • comment cups-lpd is earlier than 1:1.6.3-43.el7
          oval oval:com.redhat.rhsa:tst:20201050013
        • comment cups-lpd is signed with Red Hat redhatrelease2 key
          oval oval:com.redhat.rhba:tst:20150386014
rhsa
id RHSA-2020:1050
released 2020-03-31
severity Moderate
title RHSA-2020:1050: cups security and bug fix update (Moderate)
rpms
  • cups-1:1.6.3-43.el7
  • cups-client-1:1.6.3-43.el7
  • cups-debuginfo-1:1.6.3-43.el7
  • cups-devel-1:1.6.3-43.el7
  • cups-filesystem-1:1.6.3-43.el7
  • cups-ipptool-1:1.6.3-43.el7
  • cups-libs-1:1.6.3-43.el7
  • cups-lpd-1:1.6.3-43.el7
Last major update 05-08-2019 - 19:15
Published 05-08-2019 - 19:15
Last modified 05-08-2019 - 19:15
Back to Top