{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2019-19232","title":"Title"},{"category":"description","text":"In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2019-19232","url":"https://www.suse.com/security/cve/CVE-2019-19232"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1159618 for CVE-2019-19232","url":"https://bugzilla.suse.com/1159618"}],"title":"SUSE CVE CVE-2019-19232","tracking":{"current_release_date":"2025-07-08T00:19:07Z","generator":{"date":"2023-02-15T04:06:21Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2019-19232","initial_release_date":"2023-02-15T04:06:21Z","revision_history":[{"date":"2023-02-15T04:06:21Z","number":"2","summary":"Current version"},{"date":"2023-10-31T02:32:33Z","number":"3","summary":"Current version"},{"date":"2024-10-05T06:03:53Z","number":"4","summary":"Current version"},{"date":"2024-10-21T19:21:19Z","number":"5","summary":"Current version"},{"date":"2025-01-01T06:10:00Z","number":"6","summary":"Current version"},{"date":"2025-02-15T06:47:31Z","number":"7","summary":"Current version"},{"date":"2025-02-17T07:12:44Z","number":"8","summary":"Current version"},{"date":"2025-03-13T17:10:31Z","number":"9","summary":"Current version"},{"date":"2025-03-15T10:27:11Z","number":"10","summary":"Current version"},{"date":"2025-04-25T05:57:13Z","number":"11","summary":"Current version"},{"date":"2025-07-08T00:19:07Z","number":"12","summary":"Current version"}],"status":"interim","version":"12"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Container as a Service Platform 2.0","product":{"name":"SUSE Container as a Service Platform 2.0","product_id":"SUSE Container as a Service Platform 2.0","product_identification_helper":{"cpe":"cpe:/o:suse:caasp:2.0"}}},{"category":"product_name","name":"SUSE Liberty Linux 8","product":{"name":"SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8","product_identification_helper":{"cpe":"cpe:/o:suse:sll:8"}}},{"category":"product_name","name":"SUSE Linux Enterprise Desktop 12 SP4","product":{"name":"SUSE Linux Enterprise Desktop 12 SP4","product_id":"SUSE Linux Enterprise Desktop 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sled:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Desktop 15","product":{"name":"SUSE Linux Enterprise Desktop 15","product_id":"SUSE Linux Enterprise Desktop 15","product_identification_helper":{"cpe":"cpe:/o:suse:sled:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 12 SP4","product":{"name":"SUSE Linux Enterprise High Performance Computing 12 SP4","product_id":"SUSE Linux Enterprise High Performance Computing 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-hpc:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 12 SP5","product":{"name":"SUSE Linux Enterprise High Performance Computing 12 SP5","product_id":"SUSE Linux Enterprise High Performance Computing 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sle-hpc:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15","product":{"name":"SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15","product_id":"SUSE Linux Enterprise Module for Basesystem 15","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 11 SP1 for Teradata","product":{"name":"SUSE Linux Enterprise Server 11 SP1 for Teradata","product_id":"SUSE Linux Enterprise Server 11 SP1 for Teradata","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sles_teradata:11:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 11 SP3 for Teradata","product":{"name":"SUSE Linux Enterprise Server 11 SP3 for Teradata","product_id":"SUSE Linux Enterprise Server 11 SP3 for Teradata","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sles_teradata:11:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 11 SP4 LTSS","product":{"name":"SUSE Linux Enterprise Server 11 SP4 LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sles_ltss:11:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP1-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP1-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP2","product":{"name":"SUSE Linux Enterprise Server 12 SP2","product_id":"SUSE Linux Enterprise Server 12 SP2","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP2-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP2-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP3-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP3-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP3-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP4","product":{"name":"SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP4-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP5","product":{"name":"SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15","product":{"name":"SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server Teradata 12 SP3","product":{"name":"SUSE Linux Enterprise Server Teradata 12 SP3","product_id":"SUSE Linux Enterprise Server Teradata 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles_teradata:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP2","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP2","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP2","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Software Development Kit 12 SP5","product":{"name":"SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sle-sdk:12:sp5"}}},{"category":"product_version","name":"sudo","product":{"name":"sudo","product_id":"sudo","product_identification_helper":{"cpe":"cpe:2.3:a:todd_miller:sudo:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/sudo@?upstream=sudo.src.rpm"}}},{"category":"product_version","name":"sudo-1.8.29-5.el8","product":{"name":"sudo-1.8.29-5.el8","product_id":"sudo-1.8.29-5.el8","product_identification_helper":{"cpe":"cpe:2.3:a:todd_miller:sudo:1.8.29:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/sudo@1.8.29-5.el8?upstream=sudo-1.8.29-5.el8.src.rpm"}}},{"category":"product_version","name":"sudo-devel","product":{"name":"sudo-devel","product_id":"sudo-devel","product_identification_helper":{"cpe":"cpe:2.3:a:todd_miller:sudo:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/sudo-devel@?upstream=sudo.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"sudo-1.8.29-5.el8 as component of SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8:sudo-1.8.29-5.el8"},"product_reference":"sudo-1.8.29-5.el8","relates_to_product_reference":"SUSE Liberty Linux 8"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Container as a Service Platform 2.0","product_id":"SUSE Container as a Service Platform 2.0:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Container as a Service Platform 2.0"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Desktop 12 SP4","product_id":"SUSE Linux Enterprise Desktop 12 SP4:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Desktop 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise High Performance Computing 12 SP4","product_id":"SUSE Linux Enterprise High Performance Computing 12 SP4:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise High Performance Computing 12 SP5","product_id":"SUSE Linux Enterprise High Performance Computing 12 SP5:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server 15"},{"category":"default_component_of","full_product_name":{"name":"sudo-devel as component of SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15:sudo-devel"},"product_reference":"sudo-devel","relates_to_product_reference":"SUSE Linux Enterprise Server 15"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Desktop 15","product_id":"SUSE Linux Enterprise Desktop 15:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15"},{"category":"default_component_of","full_product_name":{"name":"sudo-devel as component of SUSE Linux Enterprise Desktop 15","product_id":"SUSE Linux Enterprise Desktop 15:sudo-devel"},"product_reference":"sudo-devel","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"sudo-devel as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel"},"product_reference":"sudo-devel","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15"},{"category":"default_component_of","full_product_name":{"name":"sudo-devel as component of SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15:sudo-devel"},"product_reference":"sudo-devel","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Module for Basesystem 15","product_id":"SUSE Linux Enterprise Module for Basesystem 15:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15"},{"category":"default_component_of","full_product_name":{"name":"sudo-devel as component of SUSE Linux Enterprise Module for Basesystem 15","product_id":"SUSE Linux Enterprise Module for Basesystem 15:sudo-devel"},"product_reference":"sudo-devel","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server 11 SP1 for Teradata","product_id":"SUSE Linux Enterprise Server 11 SP1 for Teradata:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP1 for Teradata"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server 11 SP3 for Teradata","product_id":"SUSE Linux Enterprise Server 11 SP3 for Teradata:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP3 for Teradata"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server 11 SP4 LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4 LTSS:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4 LTSS"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server 12 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP1-LTSS:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server 12 SP2","product_id":"SUSE Linux Enterprise Server 12 SP2:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server 12 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP2-LTSS:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2-LTSS"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server 12 SP3-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP3-LTSS:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3-LTSS"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server 12 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP4-LTSS:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server Teradata 12 SP3","product_id":"SUSE Linux Enterprise Server Teradata 12 SP3:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server Teradata 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP2:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"sudo-devel as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:sudo-devel"},"product_reference":"sudo-devel","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"sudo-devel as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-devel"},"product_reference":"sudo-devel","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"sudo-devel as component of SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel"},"product_reference":"sudo-devel","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"sudo as component of SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5:sudo"},"product_reference":"sudo","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 12 SP5"}]},"vulnerabilities":[{"cve":"CVE-2019-19232","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-19232"}],"notes":[{"category":"general","text":"In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user. NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions","title":"CVE description"}],"product_status":{"known_affected":["SUSE Linux Enterprise High Performance Computing 12 SP4:sudo","SUSE Linux Enterprise High Performance Computing 12 SP5:sudo","SUSE Linux Enterprise Server 12 SP4-LTSS:sudo","SUSE Linux Enterprise Server 12 SP4:sudo","SUSE Linux Enterprise Server 12 SP5:sudo","SUSE Linux Enterprise Server 12 SP5:sudo-devel","SUSE Linux Enterprise Server Teradata 12 SP3:sudo","SUSE Linux Enterprise Server for SAP Applications 12 SP4:sudo","SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo","SUSE Linux Enterprise Server for SAP Applications 12 SP5:sudo-devel","SUSE Linux Enterprise Software Development Kit 12 SP5:sudo","SUSE Linux Enterprise Software Development Kit 12 SP5:sudo-devel"],"known_not_affected":["SUSE Container as a Service Platform 2.0:sudo","SUSE Linux Enterprise Desktop 12 SP4:sudo","SUSE Linux Enterprise Desktop 15:sudo","SUSE Linux Enterprise Desktop 15:sudo-devel","SUSE Linux Enterprise High Performance Computing 15:sudo","SUSE Linux Enterprise High Performance Computing 15:sudo-devel","SUSE Linux Enterprise Module for Basesystem 15:sudo","SUSE Linux Enterprise Module for Basesystem 15:sudo-devel","SUSE Linux Enterprise Server 11 SP1 for Teradata:sudo","SUSE Linux Enterprise Server 11 SP3 for Teradata:sudo","SUSE Linux Enterprise Server 11 SP4 LTSS:sudo","SUSE Linux Enterprise Server 12 SP1-LTSS:sudo","SUSE Linux Enterprise Server 12 SP2-LTSS:sudo","SUSE Linux Enterprise Server 12 SP2:sudo","SUSE Linux Enterprise Server 12 SP3-LTSS:sudo","SUSE Linux Enterprise Server 15:sudo","SUSE Linux Enterprise Server 15:sudo-devel","SUSE Linux Enterprise Server for SAP Applications 12 SP2:sudo","SUSE Linux Enterprise Server for SAP Applications 12 SP3:sudo","SUSE Linux Enterprise Server for SAP Applications 15:sudo","SUSE Linux Enterprise Server for SAP Applications 15:sudo-devel"],"recommended":["SUSE Liberty Linux 8:sudo-1.8.29-5.el8"]},"references":[{"category":"external","summary":"CVE-2019-19232","url":"https://www.suse.com/security/cve/CVE-2019-19232"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1159618 for CVE-2019-19232","url":"https://bugzilla.suse.com/1159618"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Liberty Linux 8:sudo-1.8.29-5.el8"]}],"scores":[{"cvss_v3":{"baseScore":6.7,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Liberty Linux 8:sudo-1.8.29-5.el8"]}],"threats":[{"category":"impact","date":"2019-12-19T23:35:09Z","details":"moderate"}],"title":"CVE-2019-19232"}]}