Vulnerability-Lookup

BDU:2023-03627

Vulnerability from fstec - Published: 11.05.2022

Title

Уязвимость функции Faccessa языка программирования Go, позволяющая нарушителю обойти существующие ограничения безопасности

Description

Уязвимость функции Faccessa языка программирования Go связана с небезопасным управлением привилегиями. Эксплуатация уязвимости может позволить нарушителю обойти существующие ограничения безопасности

Severity ?


                    
                      AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Vendor

Novell Inc., Red Hat Inc., Сообщество свободного программного обеспечения, Canonical Ltd., Fedora Project, The Go Project, NetApp Inc., Prometheus Monitoring Community

Software Name

OpenSUSE Leap, Red Hat Enterprise Linux, SUSE Linux Enterprise Server for SAP Applications, Debian GNU/Linux, Ubuntu, Red Hat Quay, Suse Linux Enterprise Server, Red Hat 3scale API Management Platform, Openshift Service Mesh, Fedora, Suse Linux Enterprise Desktop, Red Hat Openshift Data Foundation, Red Hat Advanced Cluster Management for Kubernetes, Red Hat OpenShift GitOps, Red Hat OpenShift Container Platform, Service Telemetry Framework, OpenShift Developer Tools and Services, Red Hat Ceph Storage, Red Hat Ansible Automation Platform, Go, BeeGFS CSI Driver, Red Hat Migration Toolkit for Containers, Red Hat Advanced Cluster Security (RHACS) for Kubernetes, Elasticsearch exporter

Software Version

15.5 (OpenSUSE Leap), 8 (Red Hat Enterprise Linux), 15 SP1 (SUSE Linux Enterprise Server for SAP Applications), 10 (Debian GNU/Linux), 20.04 LTS (Ubuntu), 3 (Red Hat Quay), 15 SP1-LTSS (Suse Linux Enterprise Server), 2 (Red Hat 3scale API Management Platform), 15.3 (OpenSUSE Leap), 2 (Openshift Service Mesh), 11 (Debian GNU/Linux), 35 (Fedora), 15.4 (OpenSUSE Leap), 15 SP3 (Suse Linux Enterprise Server), 15 SP3 (SUSE Linux Enterprise Server for SAP Applications), 15 SP3 (Suse Linux Enterprise Desktop), 4 (Red Hat Openshift Data Foundation), 15 SP2 (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Server for SAP Applications), 2 (Red Hat Advanced Cluster Management for Kubernetes), 36 (Fedora), - (Red Hat OpenShift GitOps), 15 SP4 (Suse Linux Enterprise Server), 15 SP2 (Suse Linux Enterprise Desktop), 4 (Red Hat OpenShift Container Platform), 15 SP4 (Suse Linux Enterprise Desktop), 15 SP2-BCL (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Server for SAP Applications), 22.04 LTS (Ubuntu), 2.3 (Red Hat Advanced Cluster Management for Kubernetes), 9 (Red Hat Enterprise Linux), 15 SP2-LTSS (Suse Linux Enterprise Server), 2.1.0 (Openshift Service Mesh), 4.10 (Red Hat OpenShift Container Platform), 1.4 for RHEL 8 (Service Telemetry Framework), - (OpenShift Developer Tools and Services), 15 SP3-LTSS (Suse Linux Enterprise Server), 5 (Red Hat Ceph Storage), 15 SP3-BCL (Suse Linux Enterprise Server), 1.5 for RHEL 8 (Service Telemetry Framework), 2 (Red Hat Ansible Automation Platform), 18.04 ESM (Ubuntu), до 1.17.10 (Go), до 1.18.2 (Go), - (BeeGFS CSI Driver), 1.7 (Red Hat Migration Toolkit for Containers), 6.1 (Red Hat Ceph Storage), 4.11 on RHEL8 (Red Hat Openshift Data Foundation), 3.72 (Red Hat Advanced Cluster Security (RHACS) for Kubernetes), 1.3.0 (Elasticsearch exporter)

Possible Mitigations

Компенсирующие меры: - отключение/удаление неиспользуемых учетных записей пользователей; - минимизация пользовательских привилегий; - использование антивирусных средств защиты; - контроль действий пользователей. Использование рекомендаций: Для языка программирования Go: https://github.com/golang/go/issues/52313 Для программных продуктов NetApp Inc: https://security.netapp.com/advisory/ntap-20220729-0001/ Для программных продуктов Novell Inc.: https://www.suse.com/security/cve/CVE-2022-29526.html Для программных продуктов Ubuntu: https://ubuntu.com/security/CVE-2022-29526 https://ubuntu.com/security/notices/USN-6038-1 Для программных продуктов Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2022-29526 Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/CVE-2022-29526 Для программных продуктов Fedora: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RAHIAFTIZMCEF3ZQVL7SJY4IBSXQWOBN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YSN5BXHCZQTGLSJC3V6JOZ46R5CTBU3B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DXZJ5JZ6P4VSNCTDQHKZCP6PZXR35LO5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YP4GPN53ZYTYGKZQLQV3SERVSY5UABO6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCRJHUCADVVE2ESDEG266KPDN2NTSYWB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LZ6AL57Q7SESK36HSUM74NHXTUHQCIP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUFJFACPQWAJXKNEG6K3VSB2IH7WFLRF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GRPEVU3GMI776CYVQLQC3DZ5PXUSAHXL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRBSD5IDGJABJYXM5U3EE7EO2BXO6XRG/

Reference

https://www.cybersecurity-help.cz/vdb/SB2023061930 https://groups.google.com/g/golang-announce https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU https://security.gentoo.org/glsa/202208-02 https://github.com/golang/go/issues/52313 https://security.netapp.com/advisory/ntap-20220729-0001/ https://www.suse.com/security/cve/CVE-2022-29526.html https://ubuntu.com/security/CVE-2022-29526 https://ubuntu.com/security/notices/USN-6038-1 https://security-tracker.debian.org/tracker/CVE-2022-29526 https://access.redhat.com/security/cve/CVE-2022-29526 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RAHIAFTIZMCEF3ZQVL7SJY4IBSXQWOBN/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YSN5BXHCZQTGLSJC3V6JOZ46R5CTBU3B/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DXZJ5JZ6P4VSNCTDQHKZCP6PZXR35LO5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YP4GPN53ZYTYGKZQLQV3SERVSY5UABO6/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCRJHUCADVVE2ESDEG266KPDN2NTSYWB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LZ6AL57Q7SESK36HSUM74NHXTUHQCIP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUFJFACPQWAJXKNEG6K3VSB2IH7WFLRF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GRPEVU3GMI776CYVQLQC3DZ5PXUSAHXL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRBSD5IDGJABJYXM5U3EE7EO2BXO6XRG/ https://github.com/prometheus-community/elasticsearch_exporter/releases/download/v1.3.0/elasticsearch_exporter-1.3.0.linux-amd64.tar.gz

CWE

CWE-269, CWE-280

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Canonical Ltd., Fedora Project, The Go Project, NetApp Inc., Prometheus Monitoring Community",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "15.5 (OpenSUSE Leap), 8 (Red Hat Enterprise Linux), 15 SP1 (SUSE Linux Enterprise Server for SAP Applications), 10 (Debian GNU/Linux), 20.04 LTS (Ubuntu), 3 (Red Hat Quay), 15 SP1-LTSS (Suse Linux Enterprise Server), 2 (Red Hat 3scale API Management Platform), 15.3 (OpenSUSE Leap), 2 (Openshift Service Mesh), 11 (Debian GNU/Linux), 35 (Fedora), 15.4 (OpenSUSE Leap), 15 SP3 (Suse Linux Enterprise Server), 15 SP3 (SUSE Linux Enterprise Server for SAP Applications), 15 SP3 (Suse Linux Enterprise Desktop), 4 (Red Hat Openshift Data Foundation), 15 SP2 (Suse Linux Enterprise Server), 15 SP2 (SUSE Linux Enterprise Server for SAP Applications), 2 (Red Hat Advanced Cluster Management for Kubernetes), 36 (Fedora), - (Red Hat OpenShift GitOps), 15 SP4 (Suse Linux Enterprise Server), 15 SP2 (Suse Linux Enterprise Desktop), 4 (Red Hat OpenShift Container Platform), 15 SP4 (Suse Linux Enterprise Desktop), 15 SP2-BCL (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Server for SAP Applications), 22.04 LTS (Ubuntu), 2.3 (Red Hat Advanced Cluster Management for Kubernetes), 9 (Red Hat Enterprise Linux), 15 SP2-LTSS (Suse Linux Enterprise Server), 2.1.0 (Openshift Service Mesh), 4.10 (Red Hat OpenShift Container Platform), 1.4 for RHEL 8 (Service Telemetry Framework), - (OpenShift Developer Tools and Services), 15 SP3-LTSS (Suse Linux Enterprise Server), 5 (Red Hat Ceph Storage), 15 SP3-BCL (Suse Linux Enterprise Server), 1.5 for RHEL 8 (Service Telemetry Framework), 2 (Red Hat Ansible Automation Platform), 18.04 ESM (Ubuntu), \u0434\u043e 1.17.10 (Go), \u0434\u043e 1.18.2 (Go), - (BeeGFS CSI Driver), 1.7 (Red Hat Migration Toolkit for Containers), 6.1 (Red Hat Ceph Storage), 4.11 on RHEL8 (Red Hat Openshift Data Foundation), 3.72 (Red Hat Advanced Cluster Security (RHACS) for Kubernetes), 1.3.0 (Elasticsearch exporter)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435/\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043d\u0435\u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439;\n- \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0430\u0446\u0438\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u0438\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439;\n- \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0437\u0430\u0449\u0438\u0442\u044b;\n- \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f \u044f\u0437\u044b\u043a\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Go:\nhttps://github.com/golang/go/issues/52313\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 NetApp Inc:\nhttps://security.netapp.com/advisory/ntap-20220729-0001/\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2022-29526.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Ubuntu:\nhttps://ubuntu.com/security/CVE-2022-29526\nhttps://ubuntu.com/security/notices/USN-6038-1\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2022-29526\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2022-29526\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Fedora:\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RAHIAFTIZMCEF3ZQVL7SJY4IBSXQWOBN/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YSN5BXHCZQTGLSJC3V6JOZ46R5CTBU3B/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DXZJ5JZ6P4VSNCTDQHKZCP6PZXR35LO5/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YP4GPN53ZYTYGKZQLQV3SERVSY5UABO6/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCRJHUCADVVE2ESDEG266KPDN2NTSYWB/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LZ6AL57Q7SESK36HSUM74NHXTUHQCIP/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUFJFACPQWAJXKNEG6K3VSB2IH7WFLRF/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GRPEVU3GMI776CYVQLQC3DZ5PXUSAHXL/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRBSD5IDGJABJYXM5U3EE7EO2BXO6XRG/",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "11.05.2022",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.03.2024",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "11.07.2023",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-03627",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-29526",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u044b",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "OpenSUSE Leap, Red Hat Enterprise Linux, SUSE Linux Enterprise Server for SAP Applications, Debian GNU/Linux, Ubuntu, Red Hat Quay, Suse Linux Enterprise Server, Red Hat 3scale API Management Platform, Openshift Service Mesh, Fedora, Suse Linux Enterprise Desktop, Red Hat Openshift Data Foundation, Red Hat Advanced Cluster Management for Kubernetes, Red Hat OpenShift GitOps, Red Hat OpenShift Container Platform, Service Telemetry Framework, OpenShift Developer Tools and Services, Red Hat Ceph Storage, Red Hat Ansible Automation Platform, Go, BeeGFS CSI Driver, Red Hat Migration Toolkit for Containers, Red Hat Advanced Cluster Security (RHACS) for Kubernetes, Elasticsearch exporter",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux - , Novell Inc. OpenSUSE Leap 15.5 , Red Hat Inc. Red Hat Enterprise Linux 8 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP1 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , Canonical Ltd. Ubuntu 20.04 LTS , Novell Inc. Suse Linux Enterprise Server 15 SP1-LTSS , Novell Inc. OpenSUSE Leap 15.3 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , Fedora Project Fedora 35 , Novell Inc. OpenSUSE Leap 15.4 , Novell Inc. Suse Linux Enterprise Server 15 SP3 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP3 , Novell Inc. Suse Linux Enterprise Desktop 15 SP3 , Novell Inc. Suse Linux Enterprise Server 15 SP2 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP2 , Fedora Project Fedora 36 , Novell Inc. Suse Linux Enterprise Server 15 SP4 , Novell Inc. Suse Linux Enterprise Desktop 15 SP2 , Novell Inc. Suse Linux Enterprise Desktop 15 SP4 , Novell Inc. Suse Linux Enterprise Server 15 SP2-BCL , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP4 , Canonical Ltd. Ubuntu 22.04 LTS , Red Hat Inc. Red Hat Enterprise Linux 9 , Novell Inc. Suse Linux Enterprise Server 15 SP2-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP3-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP3-BCL , Canonical Ltd. Ubuntu 18.04 ESM ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Faccessa \u044f\u0437\u044b\u043a\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Go, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 (CWE-269), \u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u044b\u0445 \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0438\u043b\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 (CWE-280)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 Faccessa \u044f\u0437\u044b\u043a\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f Go \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u044b\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.cybersecurity-help.cz/vdb/SB2023061930\nhttps://groups.google.com/g/golang-announce\nhttps://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU\nhttps://security.gentoo.org/glsa/202208-02\nhttps://github.com/golang/go/issues/52313\nhttps://security.netapp.com/advisory/ntap-20220729-0001/\nhttps://www.suse.com/security/cve/CVE-2022-29526.html\nhttps://ubuntu.com/security/CVE-2022-29526\nhttps://ubuntu.com/security/notices/USN-6038-1\nhttps://security-tracker.debian.org/tracker/CVE-2022-29526\nhttps://access.redhat.com/security/cve/CVE-2022-29526\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RAHIAFTIZMCEF3ZQVL7SJY4IBSXQWOBN/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YSN5BXHCZQTGLSJC3V6JOZ46R5CTBU3B/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DXZJ5JZ6P4VSNCTDQHKZCP6PZXR35LO5/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YP4GPN53ZYTYGKZQLQV3SERVSY5UABO6/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCRJHUCADVVE2ESDEG266KPDN2NTSYWB/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2LZ6AL57Q7SESK36HSUM74NHXTUHQCIP/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EUFJFACPQWAJXKNEG6K3VSB2IH7WFLRF/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GRPEVU3GMI776CYVQLQC3DZ5PXUSAHXL/\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VRBSD5IDGJABJYXM5U3EE7EO2BXO6XRG/\nhttps://github.com/prometheus-community/elasticsearch_exporter/releases/download/v1.3.0/elasticsearch_exporter-1.3.0.linux-amd64.tar.gz",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b, \u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e \u0437\u0430\u0449\u0438\u0442\u044b",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-269, CWE-280",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,9)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,2)"
}

CVE-2022-29526 (GCVE-0-2022-29526)

Vulnerability from cvelistv5 – Published: 2022-06-22 13:15 – Updated: 2024-08-03 06:26

Summary

Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://groups.google.com/g/golang-announce	x_refsource_MISC
	https://github.com/golang/go/issues/52313	x_refsource_MISC
	https://groups.google.com/g/golang-announce/c/Y5q…	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA
	https://security.netapp.com/advisory/ntap-2022072…	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/202208-02	vendor-advisoryx_refsource_GENTOO
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisoryx_refsource_FEDORA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:26:06.342Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/golang/go/issues/52313"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
          },
          {
            "name": "FEDORA-2022-fae3ecee19",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
          },
          {
            "name": "FEDORA-2022-ffe7dba2cb",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/"
          },
          {
            "name": "FEDORA-2022-ba365d3703",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20220729-0001/"
          },
          {
            "name": "GLSA-202208-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202208-02"
          },
          {
            "name": "FEDORA-2022-30c5ed5625",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-17T03:08:35.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://groups.google.com/g/golang-announce"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/golang/go/issues/52313"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
        },
        {
          "name": "FEDORA-2022-fae3ecee19",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
        },
        {
          "name": "FEDORA-2022-ffe7dba2cb",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/"
        },
        {
          "name": "FEDORA-2022-ba365d3703",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20220729-0001/"
        },
        {
          "name": "GLSA-202208-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/202208-02"
        },
        {
          "name": "FEDORA-2022-30c5ed5625",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-29526",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://groups.google.com/g/golang-announce",
              "refsource": "MISC",
              "url": "https://groups.google.com/g/golang-announce"
            },
            {
              "name": "https://github.com/golang/go/issues/52313",
              "refsource": "MISC",
              "url": "https://github.com/golang/go/issues/52313"
            },
            {
              "name": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU",
              "refsource": "MISC",
              "url": "https://groups.google.com/g/golang-announce/c/Y5qrqw_lWdU"
            },
            {
              "name": "FEDORA-2022-fae3ecee19",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZY2SLWOQR4ZURQ7UBRZ7JIX6H6F5JHJR/"
            },
            {
              "name": "FEDORA-2022-ffe7dba2cb",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q6GE5EQGE4L2KRVGW4T75QVIYAXCLO5X/"
            },
            {
              "name": "FEDORA-2022-ba365d3703",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z55VUVGO7E5PJFXIOVAY373NZRHBNCI5/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20220729-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20220729-0001/"
            },
            {
              "name": "GLSA-202208-02",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/202208-02"
            },
            {
              "name": "FEDORA-2022-30c5ed5625",
              "refsource": "FEDORA",
              "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQXU752ALW53OJAF5MG3WMR5CCZVLWW6/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-29526",
    "datePublished": "2022-06-22T13:15:32.000Z",
    "dateReserved": "2022-04-20T00:00:00.000Z",
    "dateUpdated": "2024-08-03T06:26:06.342Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2023-03627

CVE-2022-29526 (GCVE-0-2022-29526)

Tags

Sightings

Nomenclature