3 matches found
CVE-2022-29549
An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full pathnames without first making ownership and permission checks e.g., to help ensure that a program was installed by root and without integrity checks e.g., a checksum comparison against known legitimate...
CVE-2022-29549
An issue was discovered in Qualys Cloud Agent 4.8.0-49. It executes programs at various full pathnames without first making ownership and permission checks e.g., to help ensure that a program was installed by root and without integrity checks e.g., a checksum comparison against known legitimate...
CVE-2022-29549
CVE-2022-29549 affects Qualys Cloud Agent (Linux) 4.8.0-49. The issue arises because the agent executes programs by full pathnames without prior ownership/permission checks or integrity verification, enabling local privilege escalation if a non-root user controls any targeted path (e.g., /opt/fir...