7.8
CVE-2022-3650
- EPSS 0.33%
- Veröffentlicht 17.01.2023 19:15:11
- Zuletzt bearbeitet 03.11.2025 19:15:41
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.33% | 0.242 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
CWE-842 Placement of User into Incorrect Group
The product or the administrator places a user into an incorrect group.
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OEVVWT5ZFLYCVZNDJTDX7R6RY2W7JHP5/
https://seclists.org/oss-sec/2022/q4/41
https://security.gentoo.org/glsa/202312-10
https://lists.debian.org/debian-lts-announce/2025/09/msg00025.html