CVE-2022-45153

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-45153
An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e.

7.8 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://bugzilla.suse.com/show_bug.cgi?id=1205990 Exploit Issue Tracking
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:suse:linux_enterprise_module_for_sap_applications:15:sp1:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.4:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:sp5:*:*:*:sap:*:*
History

No history.

Information

Published : 2023-02-15 10:15

Updated : 2024-02-28 19:51

NVD link : CVE-2022-45153

Mitre link : CVE-2022-45153

CVE.ORG link : CVE-2022-45153

JSON object : View

Products Affected

suse

  • linux_enterprise_server
  • linux_enterprise_module_for_sap_applications

opensuse

  • leap
CWE
CWE-276

Incorrect Default Permissions


NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024