Lucene search

[email protected]NVD:CVE-2022-45153

HistoryFeb 15, 2023 - 10:15 a.m.

CVE-2022-45153

2023-02-1510:15:16

CWE-276

[email protected]

web.nvd.nist.gov

suse linux enterprise

sap applications

permissions vulnerability

local attackers escalation

sudo configuration manipulation

cve-2022-45153

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e.

Affected configurations

NVD

Node

suselinux_enterprise_module_for_sap_applicationsMatch15sp1

opensuseleapMatch15.4

suselinux_enterprise_serverMatch12sp5sap

References

bugzilla.suse.com/show_bug.cgi?id=1205990

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2022-45153

prion1 nessus3 openvas1 cvelist1 cve1