CVE-2012-5356

{"id": "CVE-2012-5356", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "[email protected]", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2012-10-10T18:55:05.707", "references": [{"url": "http://www.securityfocus.com/bid/55736", "source": "[email protected]"}, {"url": "http://www.ubuntu.com/usn/USN-1588-1", "source": "[email protected]"}, {"url": "https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1016643", "source": "[email protected]"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78990", "source": "[email protected]"}, {"url": "http://www.securityfocus.com/bid/55736", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.ubuntu.com/usn/USN-1588-1", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1016643", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78990", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The apt-add-repository tool in Ubuntu Software Properties 0.75.x before 0.75.10.3, 0.80.x before 0.80.9.2, 0.81.x before 0.81.13.5, 0.82.x before 0.82.7.3, and 0.92.x before 0.92.8 does not properly check PPA GPG keys imported from a keyserver, which allows remote attackers to install arbitrary package repository GPG keys via a man-in-the-middle (MITM) attack."}, {"lang": "es", "value": "La herramienta apt-add-repository v0.75.x antes de v0.75.10.3, v0.80.x antes de v0.80.9.2, antes de v0.81.x antes de v0.81.13.5, v0.82.x antes de v0.82.7.3, y antes de v0.92.x antes de v0.92.8 no comprueba correctamente las llaves PPA GPG importadas desde el servidor de claves, lo que permite a atacantes remotos instalar llaves GPG arbitrarias de paquetes del repositorio mediante un ataque man-in-the-middle (MITM)."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "184F2D0B-3DF4-4867-9E2A-0DC811B46EBF"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AFE15797-562D-47C8-8D69-65FC90FB948B"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A97DA7A-B187-4215-84AD-3A318FDA5AB8"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD55026D-31A1-4263-BD75-35CFD57B489B"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6F55FBD-D960-40DB-9B35-59BD01A8F577"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17D82146-84C0-4ACB-9EB0-A9080C77D01E"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "555296EA-799C-4C74-9C1E-951B2A4312B1"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13B0E0DC-E93E-4713-B021-FFECA62619AE"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.75.10.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB2E775F-157E-432C-8B69-FAABBE55879D"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6797994-29C8-4805-81B0-559BB55EBC77"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "966039CD-F163-4235-8E6F-B305A3A9099A"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4B1C439-E7EB-4DAD-86FA-F644D4CED229"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A886803-A0D4-4A18-B90E-651B8063B1B3"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5F42DEC-9473-4652-B8D3-A571E46C0136"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B211FDB5-20DE-41B4-BF79-F0811DF62F9C"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D12A2FA-3D5D-4152-B939-C5D090BA371E"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6458D6AD-90B9-4F13-8270-48A47EB2EAA7"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F936FFDF-CD21-46A6-B42E-C0E536CD3A9D"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.80.9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88A902AF-FB25-4B10-BF6F-46DCC2FB060C"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A58F01C3-81C2-47DC-A66F-888E45158895"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAC62A53-C315-4516-892F-F0CF7C598E49"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E72FD830-954B-4F14-9B59-86121269C392"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4E0203EF-7FD9-4D97-AC33-6977A38495C5"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "836B0B0F-EA7B-4252-B0B2-8ABBEB1BACD3"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEA06505-8088-443F-8A16-03B5B7459E05"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0C9DF802-D20B-4EFD-9397-67FC25B2317B"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E201F029-ED85-483F-A194-A65365D02156"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D4EEE0C-BC05-42CC-A2BD-2CC238A344DF"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13FC087F-1AA1-45DC-978F-B066CA99F7B0"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0303AA5C-C83F-4D3E-A545-A438FF24C18E"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.11:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BEF14135-0B89-4428-9D91-4C097E6F5497"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8047C0DE-D3B9-425B-8577-DDA870814B33"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FDA5D81E-5195-41D7-AAE1-79AE77C167A5"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7CA5A01-94AD-46E5-BDC0-E1984D644CB4"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5911C646-504F-4347-B3C4-7CAA352891D2"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.81.13.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8196D7D1-C25C-4506-9A77-0BD547164450"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F5CE606-E5CE-475A-8334-48017B2EF899"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ABB71F54-4B83-454E-A7BF-9A52B216FBB2"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8F01FF0-F862-4823-B7EC-4138A69047B1"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AD8700D-3EE2-4BA9-8C99-D871F98B26A9"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F73A0D7-2AA2-4F18-BB68-4B39DE951FAE"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4DC8A9E-2C1D-404B-BBF6-E5CE7A5204D0"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADC6A6AA-C090-4816-8AA3-A95C036FC203"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCE0CFE0-6F72-4C6E-B55C-A5931D2C4142"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.82.7.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E22A4E5-3CB2-49DB-BD12-764D00A6C379"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CCECD13-39EE-4AB4-AC40-3963FD8B80B2"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "910B4E1F-1746-4902-BF42-1FCC2CA7E89D"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DF85285-18BE-48D4-9A79-5999424DA5A0"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "11743C71-8DEC-41F1-9E9F-A1C0323EF4C5"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "541975D2-A4B9-44ED-AE37-FE525E5C2A94"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCB55949-1DF4-4A4E-88B8-FBF78744D8A1"}, {"criteria": "cpe:2.3:a:canonical:ubuntu_software_properties:0.92.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C77BCD4-680F-4D6D-9B4B-523BBFC68930"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}