CVE-2022-29549

EPSS 0.07%
Veröffentlicht 18.08.2022 13:15:07
Zuletzt bearbeitet 21.11.2024 06:59:18
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full pathnames without first making ownership and permission checks (e.g., to help ensure that a program was installed by root) and without integrity checks (e.g., a checksum comparison against known legitimate programs). Also, the vendor recommendation is to install this agent software with root privileges. Thus, privilege escalation is possible on systems where any of these pathnames is controlled by a non-root user. An example is /opt/firebird/bin/isql, where the /opt/firebird directory is often owned by the firebird user.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Qualys ≫ Cloud Agent For Linux Version < 2.5.548.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.07%	0.228

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.3	1.3	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-354 Improper Validation of Integrity Check Value

The product does not validate or incorrectly validates the integrity check values or "checksums" of a message. This may prevent it from detecting if the data has been modified or corrupted in transmission.

http://packetstormsecurity.com/files/168367/Qualys-Cloud-Agent-Arbitrary-Code-Execution.html

Third Party Advisory

http://seclists.org/fulldisclosure/2022/Sep/10

Third Party Advisory

Mailing List

http://software.firstworks.com/p/getting-started-with-firebird.html

Not Applicable

https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux

Vendor Advisory

https://blog.qualys.com/vulnerabilities-threat-research

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-29549