CWE-276
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
CVE-2022-27652 (GCVE-0-2022-27652)
Vulnerability from cvelistv5 – Published: 2022-04-18 16:20 – Updated: 2024-08-03 05:32
VLAI
Summary
A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.
Severity
No CVSS data available.
CWE
- CWE-276 - - Incorrect Default Permissions
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=2066839 | x_refsource_MISC |
| https://github.com/cri-o/cri-o/security/advisorie… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T05:32:59.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066839"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cri-o/cri-o/security/advisories/GHSA-4hj2-r2pm-3hc6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "cri-o",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Affects all versions."
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 - Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-18T16:20:29.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066839"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cri-o/cri-o/security/advisories/GHSA-4hj2-r2pm-3hc6"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2022-27652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cri-o",
"version": {
"version_data": [
{
"version_value": "Affects all versions."
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276 - Incorrect Default Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2066839",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2066839"
},
{
"name": "https://github.com/cri-o/cri-o/security/advisories/GHSA-4hj2-r2pm-3hc6",
"refsource": "MISC",
"url": "https://github.com/cri-o/cri-o/security/advisories/GHSA-4hj2-r2pm-3hc6"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2022-27652",
"datePublished": "2022-04-18T16:20:29.000Z",
"dateReserved": "2022-03-22T00:00:00.000Z",
"dateUpdated": "2024-08-03T05:32:59.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28702 (GCVE-0-2022-28702)
Vulnerability from cvelistv5 – Published: 2022-05-31 17:53 – Updated: 2024-09-17 00:30
VLAI
Title
e-Design - Multiple vulnerabilities
Summary
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine.
Severity
6.1 (Medium)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://search.abb.com/library/Download.aspx?Docu… | x_refsource_MISC |
Impacted products
Date Public
2022-05-26 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:03:53.022Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2%20CMT%200%200%206%200%208%206\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "e-Design",
"vendor": "ABB",
"versions": [
{
"lessThanOrEqual": "1.12.2.0004",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ABB thanks the Trend Micro\u0027s Zero Day Initiative (ZDI), more specifically Michael DePlante (@izobashi) for helping to identify the vulnerability and protecting our customers."
}
],
"datePublic": "2022-05-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-31T17:53:54.000Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2%20CMT%200%200%206%200%208%206\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "e-Design - Multiple vulnerabilities",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@ch.abb.com",
"DATE_PUBLIC": "2022-05-26T08:59:00.000Z",
"ID": "CVE-2022-28702",
"STATE": "PUBLIC",
"TITLE": "e-Design - Multiple vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "e-Design",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.12.2.0004"
}
]
}
}
]
},
"vendor_name": "ABB"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ABB thanks the Trend Micro\u0027s Zero Day Initiative (ZDI), more specifically Michael DePlante (@izobashi) for helping to identify the vulnerability and protecting our customers."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276 Incorrect Default Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=2%20CMT%200%200%206%200%208%206\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "MISC",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2%20CMT%200%200%206%200%208%206\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2022-28702",
"datePublished": "2022-05-31T17:53:54.324Z",
"dateReserved": "2022-05-06T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:30:55.177Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29162 (GCVE-0-2022-29162)
Vulnerability from cvelistv5 – Published: 2022-05-17 00:00 – Updated: 2025-04-23 18:25
VLAI
Title
Incorrect Default Permissions in runc
Summary
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.
Severity
5.9 (Medium)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
7 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| opencontainers | runc |
Affected:
< 1.1.2
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:10:59.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/opencontainers/runc/releases/tag/v1.1.2"
},
{
"name": "FEDORA-2022-91b747a0d7",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/"
},
{
"name": "FEDORA-2022-e980dc71b1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/"
},
{
"name": "FEDORA-2022-d1f55f8fd0",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/"
},
{
"name": "[debian-lts-announce] 20230327 [SECURITY] [DLA 3369-1] runc security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-29162",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:07:31.141979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:25:42.249Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "runc",
"vendor": "opencontainers",
"versions": [
{
"status": "affected",
"version": "\u003c 1.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container\u0027s bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-27T00:00:00.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66"
},
{
"url": "https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5"
},
{
"url": "https://github.com/opencontainers/runc/releases/tag/v1.1.2"
},
{
"name": "FEDORA-2022-91b747a0d7",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/"
},
{
"name": "FEDORA-2022-e980dc71b1",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/"
},
{
"name": "FEDORA-2022-d1f55f8fd0",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/"
},
{
"name": "[debian-lts-announce] 20230327 [SECURITY] [DLA 3369-1] runc security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"
}
],
"source": {
"advisory": "GHSA-f3fp-gc8g-vw66",
"discovery": "UNKNOWN"
},
"title": "Incorrect Default Permissions in runc"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-29162",
"datePublished": "2022-05-17T00:00:00.000Z",
"dateReserved": "2022-04-13T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:25:42.249Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29178 (GCVE-0-2022-29178)
Vulnerability from cvelistv5 – Published: 2022-05-20 18:15 – Updated: 2025-04-23 18:24
VLAI
Title
Incorrect Default Permissions in Cilium
Summary
Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 1000 can access the API of Cilium via Unix domain socket available on the host where Cilium is running. This could allow malicious users to compromise integrity as well as system availability on that host. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. A potential workaround is to modify Cilium's DaemonSet to run with a certain command, which can be found in the GitHub Security Advisory for this vulnerability.
Severity
8.8 (High)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/cilium/cilium/security/advisor… | x_refsource_CONFIRM |
| https://github.com/cilium/cilium/releases/tag/v1.10.11 | x_refsource_MISC |
| https://github.com/cilium/cilium/releases/tag/v1.11.5 | x_refsource_MISC |
| https://github.com/cilium/cilium/releases/tag/v1.9.16 | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:17:54.012Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-6p8v-8cq8-v2r3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cilium/cilium/releases/tag/v1.10.11"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cilium/cilium/releases/tag/v1.11.5"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/cilium/cilium/releases/tag/v1.9.16"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-29178",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:53:09.730292Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:24:33.303Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "cilium",
"vendor": "cilium",
"versions": [
{
"status": "affected",
"version": "\u003c 1.9.16"
},
{
"status": "affected",
"version": "\u003e= 1.10.0, \u003c 1.10.11"
},
{
"status": "affected",
"version": "\u003e= 1.11.0, \u003c 1.11.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 1000 can access the API of Cilium via Unix domain socket available on the host where Cilium is running. This could allow malicious users to compromise integrity as well as system availability on that host. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. A potential workaround is to modify Cilium\u0027s DaemonSet to run with a certain command, which can be found in the GitHub Security Advisory for this vulnerability."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-20T18:15:12.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-6p8v-8cq8-v2r3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cilium/cilium/releases/tag/v1.10.11"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cilium/cilium/releases/tag/v1.11.5"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/cilium/cilium/releases/tag/v1.9.16"
}
],
"source": {
"advisory": "GHSA-6p8v-8cq8-v2r3",
"discovery": "UNKNOWN"
},
"title": "Incorrect Default Permissions in Cilium",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-29178",
"STATE": "PUBLIC",
"TITLE": "Incorrect Default Permissions in Cilium"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "cilium",
"version": {
"version_data": [
{
"version_value": "\u003c 1.9.16"
},
{
"version_value": "\u003e= 1.10.0, \u003c 1.10.11"
},
{
"version_value": "\u003e= 1.11.0, \u003c 1.11.5"
}
]
}
}
]
},
"vendor_name": "cilium"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 1000 can access the API of Cilium via Unix domain socket available on the host where Cilium is running. This could allow malicious users to compromise integrity as well as system availability on that host. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. A potential workaround is to modify Cilium\u0027s DaemonSet to run with a certain command, which can be found in the GitHub Security Advisory for this vulnerability."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276: Incorrect Default Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/cilium/cilium/security/advisories/GHSA-6p8v-8cq8-v2r3",
"refsource": "CONFIRM",
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-6p8v-8cq8-v2r3"
},
{
"name": "https://github.com/cilium/cilium/releases/tag/v1.10.11",
"refsource": "MISC",
"url": "https://github.com/cilium/cilium/releases/tag/v1.10.11"
},
{
"name": "https://github.com/cilium/cilium/releases/tag/v1.11.5",
"refsource": "MISC",
"url": "https://github.com/cilium/cilium/releases/tag/v1.11.5"
},
{
"name": "https://github.com/cilium/cilium/releases/tag/v1.9.16",
"refsource": "MISC",
"url": "https://github.com/cilium/cilium/releases/tag/v1.9.16"
}
]
},
"source": {
"advisory": "GHSA-6p8v-8cq8-v2r3",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-29178",
"datePublished": "2022-05-20T18:15:12.000Z",
"dateReserved": "2022-04-13T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:24:33.303Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-29483 (GCVE-0-2022-29483)
Vulnerability from cvelistv5 – Published: 2022-05-31 17:54 – Updated: 2024-09-16 17:58
VLAI
Title
e-Design - Multiple vulnerabilities
Summary
Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine.
Severity
7.8 (High)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://search.abb.com/library/Download.aspx?Docu… | x_refsource_MISC |
Impacted products
Date Public
2022-05-26 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:26:05.838Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2%20CMT%200%200%206%200%208%206\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "e-Design",
"vendor": "ABB",
"versions": [
{
"lessThanOrEqual": "1.12.2.0004",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ABB thanks the Trend Micro\u0027s Zero Day Initiative (ZDI), more specifically Michael DePlante (@izobashi) for helping to identify the vulnerability and protecting our customers."
}
],
"datePublic": "2022-05-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276 Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-05-31T17:54:38.000Z",
"orgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"shortName": "ABB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2%20CMT%200%200%206%200%208%206\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "e-Design - Multiple vulnerabilities",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cybersecurity@ch.abb.com",
"DATE_PUBLIC": "2022-05-26T09:09:00.000Z",
"ID": "CVE-2022-29483",
"STATE": "PUBLIC",
"TITLE": "e-Design - Multiple vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "e-Design",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "1.12.2.0004"
}
]
}
}
]
},
"vendor_name": "ABB"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "ABB thanks the Trend Micro\u0027s Zero Day Initiative (ZDI), more specifically Michael DePlante (@izobashi) for helping to identify the vulnerability and protecting our customers."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect Default Permissions vulnerability in ABB e-Design allows attacker to install malicious software executing with SYSTEM permissions violating confidentiality, integrity, and availability of the target machine."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276 Incorrect Default Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://search.abb.com/library/Download.aspx?DocumentID=2%20CMT%200%200%206%200%208%206\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch",
"refsource": "MISC",
"url": "https://search.abb.com/library/Download.aspx?DocumentID=2%20CMT%200%200%206%200%208%206\u0026LanguageCode=en\u0026DocumentPartId=\u0026Action=Launch"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2b718523-d88f-4f37-9bbd-300c20644bf9",
"assignerShortName": "ABB",
"cveId": "CVE-2022-29483",
"datePublished": "2022-05-31T17:54:38.776Z",
"dateReserved": "2022-05-06T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:58:38.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30338 (GCVE-0-2022-30338)
Vulnerability from cvelistv5 – Published: 2023-05-10 13:16 – Updated: 2025-01-27 18:07
VLAI
Summary
Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity
6.7 (Medium)
CWE
- escalation of privilege
- CWE-276 - Incorrect default permissions
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Intel(R) VROC software |
Affected:
before version 7.7.6.1003
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:48:36.129Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00692.html",
"tags": [
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00692.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-30338",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-27T17:28:17.446814Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T18:07:46.830Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) VROC software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 7.7.6.1003"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-276",
"description": "Incorrect default permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-05-10T13:16:51.097Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00692.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00692.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-30338",
"datePublished": "2023-05-10T13:16:51.097Z",
"dateReserved": "2022-05-11T04:14:45.473Z",
"dateUpdated": "2025-01-27T18:07:46.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30747 (GCVE-0-2022-30747)
Vulnerability from cvelistv5 – Published: 2022-06-07 18:20 – Updated: 2024-08-03 06:56
VLAI
Summary
PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent.
Severity
5.5 (Medium)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.samsungmobile.com/serviceWeb.sms… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Samsung Mobile | Smart Things |
Affected:
unspecified , < 1.7.85.25
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:56:13.997Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=6"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Smart Things",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "1.7.85.25",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-07T18:20:41.000Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=6"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2022-30747",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Smart Things",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "1.7.85.25"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PendingIntent hijacking vulnerability in Smart Things prior to 1.7.85.25 allows local attackers to access files without permission via implicit Intent."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276: Incorrect Default Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=6",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/serviceWeb.smsb?year=2022\u0026month=6"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2022-30747",
"datePublished": "2022-06-07T18:20:41.000Z",
"dateReserved": "2022-05-16T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:56:13.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-30758 (GCVE-0-2022-30758)
Vulnerability from cvelistv5 – Published: 2022-07-11 13:33 – Updated: 2024-08-03 06:56
VLAI
Summary
Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder.
Severity
4 (Medium)
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://security.samsungmobile.com/securityUpdate… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Samsung Mobile | Samsung Mobile Devices |
Affected:
Q(10), R(11), S(12) , < SMR Jul-2022 Release 1
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T06:56:14.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=7"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Samsung Mobile Devices",
"vendor": "Samsung Mobile",
"versions": [
{
"lessThan": "SMR Jul-2022 Release 1",
"status": "affected",
"version": "Q(10), R(11), S(12)",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-11T13:33:10.000Z",
"orgId": "3af57064-a867-422c-b2ad-40307b65c458",
"shortName": "Samsung Mobile"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=7"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "mobile.security@samsung.com",
"ID": "CVE-2022-30758",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Samsung Mobile Devices",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "Q(10), R(11), S(12)",
"version_value": "SMR Jul-2022 Release 1"
}
]
}
}
]
},
"vendor_name": "Samsung Mobile"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276: Incorrect Default Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=7",
"refsource": "MISC",
"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2022\u0026month=7"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
"assignerShortName": "Samsung Mobile",
"cveId": "CVE-2022-30758",
"datePublished": "2022-07-11T13:33:10.000Z",
"dateReserved": "2022-05-16T00:00:00.000Z",
"dateUpdated": "2024-08-03T06:56:14.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31071 (GCVE-0-2022-31071)
Vulnerability from cvelistv5 – Published: 2022-06-15 22:35 – Updated: 2025-04-23 18:11
VLAI
Title
Octopoller gem published with world-writable files
Summary
Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octopoller 0.3.0. Two workarounds are available. Users can use the previous version of the gem, v0.1.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version.
Severity
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/octokit/octopoller.rb/security… | x_refsource_CONFIRM |
| https://github.com/octokit/octopoller.rb/commit/a… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| octokit | octopoller.rb |
Affected:
= 0.2.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:03:40.343Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/octokit/octopoller.rb/security/advisories/GHSA-26qj-cr27-r5c4"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/octokit/octopoller.rb/commit/abed2b8d05abe2cc3eb6bdfb34e53d465e7c7874"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31071",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:05:05.517990Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:11:19.222Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "octopoller.rb",
"vendor": "octokit",
"versions": [
{
"status": "affected",
"version": "= 0.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octopoller 0.3.0. Two workarounds are available. Users can use the previous version of the gem, v0.1.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T22:35:15.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/octokit/octopoller.rb/security/advisories/GHSA-26qj-cr27-r5c4"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/octokit/octopoller.rb/commit/abed2b8d05abe2cc3eb6bdfb34e53d465e7c7874"
}
],
"source": {
"advisory": "GHSA-26qj-cr27-r5c4",
"discovery": "UNKNOWN"
},
"title": "Octopoller gem published with world-writable files",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31071",
"STATE": "PUBLIC",
"TITLE": "Octopoller gem published with world-writable files"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octopoller.rb",
"version": {
"version_data": [
{
"version_value": "= 0.2.0"
}
]
}
}
]
},
"vendor_name": "octokit"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octopoller 0.3.0. Two workarounds are available. Users can use the previous version of the gem, v0.1.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276: Incorrect Default Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/octokit/octopoller.rb/security/advisories/GHSA-26qj-cr27-r5c4",
"refsource": "CONFIRM",
"url": "https://github.com/octokit/octopoller.rb/security/advisories/GHSA-26qj-cr27-r5c4"
},
{
"name": "https://github.com/octokit/octopoller.rb/commit/abed2b8d05abe2cc3eb6bdfb34e53d465e7c7874",
"refsource": "MISC",
"url": "https://github.com/octokit/octopoller.rb/commit/abed2b8d05abe2cc3eb6bdfb34e53d465e7c7874"
}
]
},
"source": {
"advisory": "GHSA-26qj-cr27-r5c4",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31071",
"datePublished": "2022-06-15T22:35:15.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:11:19.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31072 (GCVE-0-2022-31072)
Vulnerability from cvelistv5 – Published: 2022-06-15 22:35 – Updated: 2025-04-23 18:11
VLAI
Title
Octokit gem published with world-writable files
Summary
Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octokit 4.25.0. Two workarounds are available. Users can use the previous version of the gem, v4.22.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version.
Severity
CWE
- CWE-276 - Incorrect Default Permissions
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/octokit/octokit.rb/security/ad… | x_refsource_CONFIRM |
| https://github.com/octokit/octokit.rb/commit/1c8e… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| octokit | octokit.rb |
Affected:
>= 4.23.0, < 4.25.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:03:40.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/octokit/octokit.rb/security/advisories/GHSA-g28x-pgr3-qqx6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/octokit/octokit.rb/commit/1c8edecc9cf23d1ceb959d91a416a69f55ce7d55"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31072",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:05:08.184998Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:11:25.606Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "octokit.rb",
"vendor": "octokit",
"versions": [
{
"status": "affected",
"version": "\u003e= 4.23.0, \u003c 4.25.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octokit 4.25.0. Two workarounds are available. Users can use the previous version of the gem, v4.22.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-15T22:35:10.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/octokit/octokit.rb/security/advisories/GHSA-g28x-pgr3-qqx6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/octokit/octokit.rb/commit/1c8edecc9cf23d1ceb959d91a416a69f55ce7d55"
}
],
"source": {
"advisory": "GHSA-g28x-pgr3-qqx6",
"discovery": "UNKNOWN"
},
"title": "Octokit gem published with world-writable files",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31072",
"STATE": "PUBLIC",
"TITLE": "Octokit gem published with world-writable files"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "octokit.rb",
"version": {
"version_data": [
{
"version_value": "\u003e= 4.23.0, \u003c 4.25.0"
}
]
}
}
]
},
"vendor_name": "octokit"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to `-rw-rw-rw-` (i.e. 0666) instead of `rw-r--r--` (i.e. 0644). This means everyone who is not the owner (Group and Public) with access to the instance where this release had been installed could modify the world-writable files from this gem. This issue is patched in Octokit 4.25.0. Two workarounds are available. Users can use the previous version of the gem, v4.22.0. Alternatively, users can modify the file permissions manually until they are able to upgrade to the latest version."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-276: Incorrect Default Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/octokit/octokit.rb/security/advisories/GHSA-g28x-pgr3-qqx6",
"refsource": "CONFIRM",
"url": "https://github.com/octokit/octokit.rb/security/advisories/GHSA-g28x-pgr3-qqx6"
},
{
"name": "https://github.com/octokit/octokit.rb/commit/1c8edecc9cf23d1ceb959d91a416a69f55ce7d55",
"refsource": "MISC",
"url": "https://github.com/octokit/octokit.rb/commit/1c8edecc9cf23d1ceb959d91a416a69f55ce7d55"
}
]
},
"source": {
"advisory": "GHSA-g28x-pgr3-qqx6",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31072",
"datePublished": "2022-06-15T22:35:10.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:11:25.606Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation ID: MIT-1
Phases: Architecture and Design, Operation
Description:
- The architecture needs to access and modification attributes for files to only those users who actually require those actions.
Mitigation ID: MIT-46
Phase: Architecture and Design
Strategy: Separation of Privilege
Description:
- Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
- Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
CAPEC-1: Accessing Functionality Not Properly Constrained by ACLs
In applications, particularly web applications, access to functionality is mitigated by an authorization framework. This framework maps Access Control Lists (ACLs) to elements of the application's functionality; particularly URL's for web apps. In the case that the administrator failed to specify an ACL for a particular element, an attacker may be able to access it with impunity. An attacker with the ability to access functionality not properly constrained by ACLs can obtain sensitive information and possibly compromise the entire application. Such an attacker can access resources that must be available only to users at a higher privilege level, can access management sections of the application, or can run queries for data that they otherwise not supposed to.
CAPEC-127: Directory Indexing
An adversary crafts a request to a target that results in the target listing/indexing the content of a directory as output. One common method of triggering directory contents as output is to construct a request containing a path that terminates in a directory name rather than a file name since many applications are configured to provide a list of the directory's contents when such a request is received. An adversary can use this to explore the directory tree on a target as well as learn the names of files. This can often end up revealing test files, backup files, temporary files, hidden files, configuration files, user accounts, script contents, as well as naming conventions, all of which can be used by an attacker to mount additional attacks.
CAPEC-81: Web Server Logs Tampering
Web Logs Tampering attacks involve an attacker injecting, deleting or otherwise tampering with the contents of web logs typically for the purposes of masking other malicious behavior. Additionally, writing malicious data to log files may target jobs, filters, reports, and other agents that process the logs in an asynchronous attack pattern. This pattern of attack is similar to "Log Injection-Tampering-Forging" except that in this case, the attack is targeting the logs of the web server and not the application.