CVE-2019-1321 — Prototype Pollution in Microsoft Windows

CWE-1321 — Prototype Pollution CWE-915 — Improperly Controlled Modification of Dynamically-Determined Object Attributes CWE-20 — Improper Input Validation CWE-74 — Injection CWE-843 — Type Confusion CWE-79 — Cross-site Scripting CWE-285 — Improper Authorization22 documents7 sources

Severity

7.8HIGHNVD

GHSA9.8GHSA9.1GHSA7.5GHSA6.3

EPSS

0.3%

top 49.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Jquery Maximebf Debugbar Djangoproject Django +16 more

Timeline

PublishedOct 10

Latest updateOct 17

Description

An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List (DACL), aka 'Microsoft Windows CloudStore Elevation of Privilege Vulnerability'.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages20 packages

▶CVEListV5microsoft/windows11 versions+10

▶NVDmicrosoft/windows1803, 1903+1

▶NVDmicrosoft/windows_105 versions+4

▶CVEListV5microsoft/windows_server2019, 2019 (Core installation), version 1803 (Core Installation)+2

▶CVEListV5microsoft/windows_10_version_1903_for_32-bit_systemsunspecified

Patches

Patch: portal.msrc.microsoft.com ↗Patch: portal.msrc.microsoft.com ↗

🔴Vulnerability Details

GHSA

Prototype Pollution in ali-security/mongoose↗2023-10-17

▶

GHSA

GHSA-j73q-gwj9-65f6: An elevation of privilege vulnerability exists when Windows CloudStore improperly handles file Discretionary Access Control List (DACL), aka 'Microsof↗2022-05-24

▶

GHSA

Prototype Pollution in bodymen↗2022-03-18

▶

GHSA

Improperly Controlled Modification of Dynamically-Determined Object Attributes in Apache Struts↗2021-12-02

▶

GHSA

Prototype Pollution in set-value↗2021-09-13

▶

📋Vendor Advisories

Red Hat

vega-util: Improperly Controlled Modification of Dynamically-Determined Object Attributes in vega-util↗2020-03-09

▶

Microsoft

Microsoft Windows CloudStore Elevation of Privilege Vulnerability↗2019-10-08

▶

Microsoft

jQuery before 3.4.0 as used in Drupal Backdrop CMS and other products mishandles jQuery.extend(true {} ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerab↗2019-04-09

▶

🕵️Threat Intelligence

Talos

Microsoft Patch Tuesday — Oct. 2019: Vulnerability disclosures and Snort coverage↗2019-10-08

▶

Talos

Microsoft Patch Tuesday — Oct. 2019: Vulnerability disclosures and Snort coverage↗2019-10-08

▶