CVSS2

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | MEDIUM |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |
Vector | AV:L/AC:M/Au:N/C:C/I:C/A:C |

CVSS3

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | HIGH |
Privileges Required | LOW |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Availability Impact | HIGH |
Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |

EPSS

Metric | Value |
---|---|
Percentile | 21.9% |

file.copy operations in GruntJS are vulnerable to a TOCTOU (time-of-check to
time-of-use) race condition leading to arbitrary file write in GitHub
repository gruntjs/grunt prior to 1.5.3. The arbitrary file write can lead to
local privilege escalation to the GruntJS user if a lower-privileged user has
write access to both the source and destination directories: the
lower-privileged user can create a symlink to the GruntJS user's .bashrc file,
or replace the /etc/shadow file if the GruntJS user is root.
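
The check-then-use pattern behind this class of bug, next to a descriptor-based alternative, as an added example that is not Grunt's code or its patch. The function names, the `raceWindow` hook and the temp-directory files are assumptions constructed for illustration, and POSIX `O_NOFOLLOW` behaviour (Linux/macOS) is assumed.

```javascript
const fs = require('fs');
const os = require('os');
const path = require('path');

// Check-then-use: lstat the path, then write by path. `raceWindow` is a
// hypothetical hook standing in for whatever happens between the two calls.
function checkThenWrite(dest, data, raceWindow = () => {}) {
  let isLink = false;
  try { isLink = fs.lstatSync(dest).isSymbolicLink(); }
  catch (e) { if (e.code !== 'ENOENT') throw e; }
  if (isLink) return false;      // time of check
  raceWindow();                  // the path can change here
  fs.writeFileSync(dest, data);  // time of use: follows a symlink created after the check
  return true;
}

// Hardened: no separate check. O_NOFOLLOW makes open() itself refuse a
// symlink in the final path component (ELOOP), and the write goes to the
// descriptor. Symlinked parent directories are not covered by this flag.
function writeNoFollow(dest, data, raceWindow = () => {}) {
  raceWindow();
  const { O_WRONLY, O_CREAT, O_TRUNC, O_NOFOLLOW } = fs.constants;
  let fd;
  try { fd = fs.openSync(dest, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0o600); }
  catch (e) { if (e.code === 'ELOOP') return false; throw e; }
  try { fs.writeSync(fd, data); } finally { fs.closeSync(fd); }
  return true;
}

// Constructed scenario: every file lives in a throwaway temp directory.
function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'toctou-'));
  const protectedFile = path.join(dir, 'protected.txt');
  const dest = path.join(dir, 'out.txt');
  const swap = () => { fs.rmSync(dest, { force: true }); fs.symlinkSync(protectedFile, dest); };

  fs.writeFileSync(protectedFile, 'original');
  const vulnerableWrote = checkThenWrite(dest, 'copied', swap);
  const afterVulnerable = fs.readFileSync(protectedFile, 'utf8');

  fs.writeFileSync(protectedFile, 'original');
  const hardenedWrote = writeNoFollow(dest, 'copied', swap);
  const afterHardened = fs.readFileSync(protectedFile, 'utf8');

  fs.rmSync(dir, { recursive: true, force: true });
  return { vulnerableWrote, afterVulnerable, hardenedWrote, afterHardened };
}
```
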
Author | Note |
---|---|
ccdm94 | This CVE seems to be closely related to CVE-2022-0436, with its fix editing code which was included in the patch to CVE-2022-0436 as well. In the bug bounty report for this CVE, the researcher mentions that the possibility of this vulnerability existing had already been considered in the CVE-2022-0436 bug bounty report; however, a fix for this was not applied together with the fix for CVE-2022-0436, and therefore a new report was made. |
github.com/gruntjs/grunt/commit/58016ffac5ed9338b63ecc2a63710f5027362bae
huntr.dev/bounties/0179c3e5-bc02-4fc9-8491-a1a319b51b4d
launchpad.net/bugs/cve/CVE-2022-1537
nvd.nist.gov/vuln/detail/CVE-2022-1537
security-tracker.debian.org/tracker/CVE-2022-1537
ubuntu.com/security/notices/USN-5847-1
www.cve.org/CVERecord?id=CVE-2022-1537