← Volver a CVEs
CVE-2022-22704
CRITICAL9.8
Descripcion
The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado1/6/2022
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
alpinelinux:alpine_linuxzabbix:zabbix-agent2
Debilidades (CWE)
CWE-909
Referencias
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13368(cve@mitre.org)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13368(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.