Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:1361412562310833518HistoryMar 04, 2024 - 12:00 a.m.
openSUSE: Security Advisory for open (SUSE-SU-2022:2936-2)
2024-03-0400:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
3
opensuse leap micro 5.2
update
cve-2022-31676
privilege escalation
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.833518");
script_version("2024-05-16T05:05:35+0000");
script_cve_id("CVE-2022-31676");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:S/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2024-05-16 05:05:35 +0000 (Thu, 16 May 2024)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2022-08-29 17:52:02 +0000 (Mon, 29 Aug 2022)");
script_tag(name:"creation_date", value:"2024-03-04 07:23:17 +0000 (Mon, 04 Mar 2024)");
script_name("openSUSE: Security Advisory for open (SUSE-SU-2022:2936-2)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse", "ssh/login/rpms", re:"ssh/login/release=openSUSELeapMicro5\.2");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2022:2936-2");
script_xref(name:"URL", value:"https://lists.opensuse.org/archives/list/[email protected]/thread/J2CC5CC24YM62PUE6FNYK4TO7ZO6C3L3");
script_tag(name:"summary", value:"The remote host is missing an update for the 'open'
package(s) announced via the SUSE-SU-2022:2936-2 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for open-vm-tools fixes the following issues:
- Updated to version 12.1.0 (build 20219665) (bsc#1202733):
- CVE-2022-31676: Fixed an issue that could allow unprivileged users
inside a virtual machine to escalate privileges (bsc#1202657).");
script_tag(name:"affected", value:"'open' package(s) on openSUSE Leap Micro 5.2.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "openSUSELeapMicro5.2") {
if(!isnull(res = isrpmvuln(pkg:"libvmtools0", rpm:"libvmtools0~12.1.0~150300.19.1", rls:"openSUSELeapMicro5.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvmtools0-debuginfo", rpm:"libvmtools0-debuginfo~12.1.0~150300.19.1", rls:"openSUSELeapMicro5.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"open-vm-tools", rpm:"open-vm-tools~12.1.0~150300.19.1", rls:"openSUSELeapMicro5.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"open-vm-tools-debuginfo", rpm:"open-vm-tools-debuginfo~12.1.0~150300.19.1", rls:"openSUSELeapMicro5.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"open-vm-tools-debugsource", rpm:"open-vm-tools-debugsource~12.1.0~150300.19.1", rls:"openSUSELeapMicro5.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvmtools0", rpm:"libvmtools0~12.1.0~150300.19.1", rls:"openSUSELeapMicro5.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"libvmtools0-debuginfo", rpm:"libvmtools0-debuginfo~12.1.0~150300.19.1", rls:"openSUSELeapMicro5.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"open-vm-tools", rpm:"open-vm-tools~12.1.0~150300.19.1", rls:"openSUSELeapMicro5.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"open-vm-tools-debuginfo", rpm:"open-vm-tools-debuginfo~12.1.0~150300.19.1", rls:"openSUSELeapMicro5.2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"open-vm-tools-debugsource", rpm:"open-vm-tools-debugsource~12.1.0~150300.19.1", rls:"openSUSELeapMicro5.2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);Related
nessus
nessus
Scientific Linux Security Update : open-vm-tools on SL7.x x86_64 (2022:6381)
2022-09-08 00:00:00
RHEL 7 : open-vm-tools (RHSA-2022:6381)
2022-09-07 00:00:00
RHEL 8 : open-vm-tools (RHSA-2022:6354)
2022-09-07 00:00:00
f5
f5
K87046687 : VMware Tools vulnerability CVE-2022-31676
2022-12-09 00:00:00
openvas
openvas
Fedora: Security Advisory for open-vm-tools (FEDORA-2022-1c9c0bacaf)
2022-09-18 00:00:00
Debian: Security Advisory (DSA-5215-1)
2022-08-25 00:00:00
Ubuntu: Security Advisory (USN-5578-2)
2022-08-26 00:00:00
osv
osv
open-vm-tools vulnerability
2022-08-24 11:25:37
Important: open-vm-tools security update
2022-09-06 00:00:00
open-vm-tools - security update
2022-08-25 00:00:00
redhat
redhat
(RHSA-2022:6358) Important: open-vm-tools security update
2022-09-06 14:27:07
(RHSA-2022:6356) Important: open-vm-tools security update
2022-09-06 14:25:49
(RHSA-2022:6357) Important: open-vm-tools security update
2022-09-06 14:26:28
ibm
ibm
veracode
veracode
Privilege Escalation
2022-08-25 05:04:55
oraclelinux
oraclelinux
open-vm-tools security update
2022-09-06 00:00:00
open-vm-tools security update
2022-09-07 00:00:00
open-vm-tools security update
2022-09-07 00:00:00
suse
suse
Security update for open-vm-tools (important)
2022-09-01 00:00:00
Security update for open-vm-tools (important)
2022-08-29 00:00:00
centos
centos
open security update
2022-09-13 16:04:22
cvelist
cvelist
CVE-2022-31676
2022-08-23 00:00:00
gentoo
gentoo
open-vm-tools: Local Privilege Escalation
2022-10-31 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: open-vm-tools-12.1.0-1.fc35
2022-09-17 01:55:26
[SECURITY] Fedora 37 Update: open-vm-tools-12.1.0-1.fc37
2022-09-14 00:28:59
[SECURITY] Fedora 36 Update: open-vm-tools-12.0.5-3.fc36
2022-09-08 11:03:39
almalinux
almalinux
Important: open-vm-tools security update
2022-09-06 00:00:00
Important: open-vm-tools security update
2022-09-06 00:00:00
rocky
rocky
open-vm-tools security update
2022-09-06 14:27:07
open-vm-tools security update
2022-09-06 14:26:28
photon
photon
Important Photon OS Security Update - PHSA-2022-0237
2022-08-24 00:00:00
Important Photon OS Security Update - PHSA-2022-3.0-0442
2022-08-24 00:00:00
Important Photon OS Security Update - PHSA-2022-4.0-0237
2022-08-24 00:00:00
vmware
vmware
ubuntucve
ubuntucve
CVE-2022-31676
2022-08-23 00:00:00
mageia
mageia
Updated open-vm-tools packages fix security vulnerability
2022-09-21 21:15:27
debiancve
debiancve
CVE-2022-31676
2022-08-23 20:15:00
debian
debian
[SECURITY] [DLA 3081-1] open-vm-tools security update
2022-08-25 07:21:48
[SECURITY] [DSA 5215-1] open-vm-tools security update
2022-08-24 13:09:59
cve
cve
CVE-2022-31676
2022-08-23 20:15:00
redhatcve
redhatcve
CVE-2022-31676
2022-08-24 08:40:33
amazon
amazon
Important: open-vm-tools
2023-07-05 22:01:00
prion
prion
Privilege escalation
2022-08-23 20:15:00
ubuntu
ubuntu
Open VM Tools vulnerability
2022-08-24 00:00:00
Open VM Tools vulnerability
2022-08-24 00:00:00
alpinelinux
alpinelinux
CVE-2022-31676
2022-08-23 20:15:00
7.7 High
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.2%
Related for OPENVAS:1361412562310833518