
Security advisory.

Possible local privilege escalation for Qualys Cloud Agent for Linux with Manifest versions prior to 2.5.548.2

Advisory ID: Q-PSA-2022-01
CVE ID: CVE-2022-29549
Published: 2022-08-15
Last Update: 2022-08-15
CWE: CWE-284

Risk Factor

NVD Risk Rating: CVSSv3.1 Score 7.0 / High, CVSSv3.1 Vector (Base) AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Qualys Risk Rating: CVSSv3.1 Score 6.7 / Medium, CVSSv3.1 Vector (Base) AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Description

Qualys Cloud Agent for Linux with signature manifest versions prior to 2.5.548.2 executes programs at various full pathnames without first checking their ownership and permissions. Privilege escalation is possible when the Qualys Agent is running as root and an attacker with local write access to one of the vulnerable pathnames, controlled by a non-root user, installs arbitrary code there. In such situations, the attacker could use the Qualys Cloud Agent to run arbitrary code as the root user.
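The ownership and permission check described above can be audited on a host with a short script. This is an added example, not Qualys code: it walks a program's path up to the filesystem root and reports every component that is not root-owned or is group- or world-writable. The function name `audit_exec_path` and the sample paths are assumptions.

```python
import os
import stat

def audit_exec_path(path, trusted_uids=frozenset({0})):
    """Return [(component, reason)] for each component of `path`, from the
    file up to "/", that someone outside `trusted_uids` could tamper with."""
    findings = []
    current = os.path.realpath(path)  # check the real target, not a symlink
    while True:
        try:
            st = os.stat(current)
        except FileNotFoundError:
            findings.append((current, "does not exist"))
        except OSError as exc:
            findings.append((current, f"cannot stat: {exc.strerror}"))
        else:
            if st.st_uid not in trusted_uids:
                findings.append((current, f"owned by uid {st.st_uid}"))
            # Conservative: any group/other write bit is reported, including
            # sticky directories such as /tmp.
            if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                findings.append((current, "group- or world-writable"))
        parent = os.path.dirname(current)
        if parent == current:  # reached the filesystem root
            break
        current = parent
    return findings

if __name__ == "__main__":
    # Constructed sample paths, not the pathnames from the advisory.
    for candidate in ("/usr/bin/env", "/usr/local/bin/example-tool"):
        problems = audit_exec_path(candidate)
        print(candidate, "OK" if not problems else "UNSAFE")
        for component, reason in problems:
            print(f"  {component}: {reason}")
```

The result is a point-in-time audit: a process that checks a pathname and then executes it still leaves a window between the two steps, so inside a privileged program the same checks belong on the opened file descriptor.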

Solution

No action is required by customers. The Qualys Cloud Platform has been updated across all regions, effective immediately.

Affected Products

Qualys Cloud Agent for Linux with manifest versions prior to 2.5.548.2.

Severity Considerations

Qualys assesses the attack complexity for this vulnerability as high because it requires local system access by an attacker and the ability to write malicious files to user system paths. This lowers the overall severity score from High to Medium.

Acknowledgments

Unqork Security Team (Justin Borland, Daniel Wood, David Heise, Bryan Li)
