CVE-2022-26691 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	No
Type	Authentication bypass
Description	CUPS requires users to demonstrate root/admin level access to perform various printer management related functions. Authentication to CUPS is completed by a web interface or over a dedicated file socket. Traditionally, users authenticate via traditional HTTP “Basic” web authorization. However, CUPS also allows authentication via a 32 byte randomly generated hex string. This method of authorization, called “Local” authorization by CUPS, has a bug that allows an attacker to authenticate to CUPS as root/admin without the 32-byte secret key. Root/admin access to CUPS yields arbitrary code execution as root with further effort. This affects CUPS 2.x

References
https://bugzilla.redhat.com/show_bug.cgi?id=2084321 https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md

References

https://bugzilla.redhat.com/show_bug.cgi?id=2084321
https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md

Notes
while the advisory on gh only mentions the apple cups release, the openprinting cups also seems affected