FKIE_CVE-2022-31252

Vulnerability from fkie_nvd - Published: 2022-10-06 18:16 - Updated: 2024-11-21 07:04
Severity ?
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
4.4 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225.
References
meissner@suse.dehttps://bugzilla.suse.com/show_bug.cgi?id=1203018Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.suse.com/show_bug.cgi?id=1203018Issue Tracking, Vendor Advisory
Impacted products
Vendor Product Version
opensuse leap 15.3
opensuse leap 15.4
opensuse leap_micro 5.2
suse linux_enterprise_server 12
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:leap:15.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "090F0D1A-6BF8-4810-8942-3FFE4FBF7FE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:leap:15.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE80EB04-7F9D-4C0B-85DB-4A13DEACB5E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:leap_micro:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "71185E66-2527-46B5-AEEB-23EB741E9029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:*:*:*:*",
              "matchCriteriaId": "29AE5751-3EA5-4056-8E79-16D8DCD248EF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A Incorrect Authorization vulnerability in chkstat of SUSE Linux Enterprise Server 12-SP5; openSUSE Leap 15.3, openSUSE Leap 15.4, openSUSE Leap Micro 5.2 did not consider group writable path components, allowing local attackers with access to a group what can write to a location included in the path to a privileged binary to influence path resolution. This issue affects: SUSE Linux Enterprise Server 12-SP5 permissions versions prior to 20170707. openSUSE Leap 15.3 permissions versions prior to 20200127. openSUSE Leap 15.4 permissions versions prior to 20201225. openSUSE Leap Micro 5.2 permissions versions prior to 20181225."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de autorizaci\u00f3n incorrecta en chkstat de SUSE Linux Enterprise Server versi\u00f3n 12-SP5; openSUSE Leap versi\u00f3n 15.3, openSUSE Leap versi\u00f3n 15.4, openSUSE Leap Micro versi\u00f3n 5.2, no ten\u00eda en cuenta los componentes de la ruta de escritura del grupo, lo que permit\u00eda a atacantes locales con acceso a un grupo lo que puede escribir en una ubicaci\u00f3n incluida en la ruta de un binario privilegiado para influir en la resoluci\u00f3n de la ruta. Este problema afecta a: SUSE Linux Enterprise Server 12-SP5 versiones de permisos anteriores a 20170707. openSUSE Leap 15.3 versiones de permisos anteriores a 20200127. openSUSE Leap 15.4 versiones de permisos anteriores a 20201225. openSUSE Leap Micro 5.2 versiones de permisos anteriores a 20181225"
    }
  ],
  "id": "CVE-2022-31252",
  "lastModified": "2024-11-21T07:04:13.567",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 2.5,
        "source": "meissner@suse.de",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 4.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-06T18:16:01.710",
  "references": [
    {
      "source": "meissner@suse.de",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1203018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1203018"
    }
  ],
  "sourceIdentifier": "meissner@suse.de",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "meissner@suse.de",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-863"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.