TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2022-4318

HIGH
7.8

Beschreibung

A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.

CVE Details

CVSS v3.1 Bewertung7.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht9/25/2023
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

fedoraproject:extra_packages_for_enterprise_linuxfedoraproject:fedorakubernetes:cri-oredhat:enterprise_linuxredhat:openshift_container_platform_for_arm64redhat:openshift_container_platform_for_linuxoneredhat:openshift_container_platform_for_powerredhat:openshift_container_platform_ibm_z_systems

Schwachen (CWE)

CWE-538CWE-913

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.