Lucene search
Veracode Vulnerability DatabaseVERACODE:38444HistoryDec 13, 2022 - 3:44 a.m.
Privilege Escalation
2022-12-1303:44:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
vulnerability
privilege escalation
amazon cloudwatch agent
user trigger
pop-up window
system permissions
windows
administrative access
command prompt
EPSS
0.001
Percentile
40.4%
github.com/aws/amazon-cloudwatch-agent is vulnerable to privilege escalation. The vulnerability exists when a user triggers a repair of the Agent which results in a pop-up window opening with SYSTEM permissions on Windows, allowing an attacker with administrative access to create a new command prompt as NT AUTHORITY\SYSTEM, which leads to privilege escalation.
References
github.com/aws/amazon-cloudwatch-agent/commit/6119858864c317ff26f41f576c169148d1250837
github.com/aws/amazon-cloudwatch-agent/commit/6119858864c317ff26f41f576c169148d1250837#diff-76ed074a9305c04054cdebb9e9aad2d818052b07091de1f20cad0bbac34ffb52
github.com/aws/amazon-cloudwatch-agent/pull/543
github.com/aws/amazon-cloudwatch-agent/security/advisories/GHSA-j8x2-2m5w-j939
Related
cve
cve
CVE-2022-23511
2022-12-12 13:15:12
osv
osv
Amazon CloudWatch Agent for Windows has Privilege Escalation Vector
2022-12-12 14:38:28
Amazon CloudWatch Agent for Windows has Privilege Escalation Vector in github.com/aws/amazon-cloudwatch-agent
2024-08-21 16:03:59
CVE-2022-23511
2022-12-12 13:15:12
nessus
nessus
Amazon CloudWatch Agent < 1.247355 (GHSA-j8x2-2m5w-j939)
2024-02-29 00:00:00
nvd
nvd
CVE-2022-23511
2022-12-12 13:15:12
prion
prion
Privilege escalation
2022-12-12 13:15:00
cvelist
cvelist
CVE-2022-23511
2022-12-12 00:00:00
github
github
Amazon CloudWatch Agent for Windows has Privilege Escalation Vector
2022-12-12 14:38:28