National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2019-15231

Change History

CVE Modified by [Source] - 8/21/2019 10:15:10 AM

Action Type Old Value New Value
Changed Description
Webmin 1.890, in a default installation, contains a backdoor that allows an unauthenticated attacker to remotely execute commands. This is different from CVE-2019-15107. NOTE: as of 2019-08-19, the vendor reports that "at some point" malicious code was inserted into their build infrastructure, but was not inserted into any GitHub repository.
Webmin 1.890, in a default installation, contains a backdoor that allows an unauthenticated attacker to remotely execute commands. This CVE only refers to the backdoor that was enabled by default, and therefore is a separate CVE from CVE-2019-15107. NOTE: although the vendor's build infrastructure was compromised in 2018, the compromise is not known to affect any GitHub repository. Thus, the relatively uncommon case of an end user building their own copy of Webmin (from the 1.890 tag on GitHub) is thought to be safe.
Added Reference
https://arstechnica.com/information-technology/2019/08/the-year-long-rash-of-supply-chain-attacks-against-open-source-is-getting-worse/ [No Types Assigned]
Added Reference
https://duo.com/decipher/backdoor-found-in-webmin-utility [No Types Assigned]