Security advisory.
Possible local privilege escalation for Qualys Cloud Agent for Linux with Manifest versions prior to 2.5.548.2
Advisory ID:  Q-PSA-2022-01
CVE ID:       CVE-2022-29549
Published:    2022-08-15
Last Update:  2022-08-15
CWE:          CWE-284 (Improper Access Control)
Risk Factor
                         NVD Risk Rating                        Qualys Risk Rating
CVSSv3.1 Score           7.0 / High                             6.7 / Medium
CVSSv3.1 Vector (Base)   AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H    AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
Qualys Cloud Agent for Linux with signature manifest versions prior to 2.5.548.2 executes programs at various full pathnames without first checking the ownership and permissions of those paths. Privilege escalation is possible on a system where the Qualys Agent is running as root and a local attacker has write access to one of the vulnerable pathnames because that path is controlled by a non-root user: the attacker installs arbitrary code at the path, and the agent then executes it as the root user.
Solution
No action is required by customers: the Enterprise TruRisk Platform was updated across all regions, effective immediately.
Affected Products
Qualys Cloud Agent for Linux with manifest versions prior to 2.5.548.2.
Severity Considerations
Qualys assesses the attack complexity for this vulnerability as high, since it requires local system access by an attacker and the ability to write malicious files to paths on the user's system, and additionally rates Privileges Required as Low (PR:L, versus PR:N in the NVD vector). This lowers the overall severity score from 7.0 (High) to 6.7 (Medium).
Further Information
Acknowledgments
Unqork Security Team (Justin Borland, Daniel Wood, David Heise, Bryan Li)