Insecure configuration in systemd - CVE-2019-14899
Published: December 9, 2019 / Updated: March 7, 2020
Vulnerability identifier: #VU23460
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2019-14899
CWE-ID: CWE-16
Exploitation vector: Adjecent network
Exploit availability:
No public exploit available
Vendor: Freedesktop.org
Affected software:
systemd
systemd
Detailed vulnerability description
The vulnerability allows a remote attacker to hijack VPN session of the victim.
The vulnerability exists due to default configuration change in the "sysctl.d/50-default.conf" file that sets "net.ipv4.conf.all.rp_filter = 2" . A remote attacker on the same local network as the victim can determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use.
Successful exploitation of this vulnerability may allows an attacker to hijack VPN session.
How to mitigate CVE-2019-14899
Install update from vendor's website.