Lucene search
Redhat.comRH:CVE-2022-4318HistoryDec 12, 2022 - 6:34 p.m.
CVE-2022-4318
2022-12-1218:34:51
redhat.com
access.redhat.com
17
cve-2022-4318
cri-o vulnerability
/etc/passwd manipulation
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.
Related
nessus
nessus
RHCOS 4 : OpenShift Container Platform 4.11.34 (RHSA-2023:1503)
2024-01-24 00:00:00
RHEL 8 / 9 : OpenShift Container Platform 4.12.6 (RHSA-2023:1033)
2024-04-28 00:00:00
RHEL 8 : OpenShift Container Platform 4.11.34 (RHSA-2023:1503)
2024-04-23 00:00:00
nvd
nvd
CVE-2022-4318
2023-09-25 20:15:10
redhat
redhat
github
github
CRI-O vulnerable to /etc/passwd tampering resulting in Privilege Escalation
2022-12-29 01:49:47
prion
prion
Design/Logic Flaw
2023-09-25 20:15:00
cve
cve
CVE-2022-4318
2023-09-25 20:15:10
veracode
veracode
Privilege Escalation
2023-01-11 03:45:30
cvelist
cvelist
CVE-2022-4318 Cri-o: /etc/passwd tampering privesc
2023-09-25 19:23:02
vulnrichment
vulnrichment
CVE-2022-4318 Cri-o: /etc/passwd tampering privesc
2023-09-25 19:23:02
osv
osv
CRI-O vulnerable to /etc/passwd tampering resulting in Privilege Escalation
2022-12-29 01:49:47
redos
redos
ROS-20240401-03
2024-04-01 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package cri-o version 1.26.2-alt1
2023-03-29 00:00:00
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.0004 Low
EPSS
Percentile
5.1%
Related for RH:CVE-2022-4318