CVE-2022-29550 - Vulnerability Details - OpenCVE

An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes "ps auxwwe" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials (from environment variables) to disk in cleartext. NOTE: there are no common circumstances in which qualys-cloud-agent-scan.log can be read by a user other than root; however, the file contents could be exposed through site-specific operational practices. The vendor does NOT characterize this as a vulnerability because the ps data collection is intentional, and would only capture credentials on a machine that was already affected by the CWE-214 weakness

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00157.

Key SSVC decision points have not yet been added.

Vendors	Products
Qualys Subscribe	Cloud Agent Subscribe

Configuration 1 [-]

cpe:2.3:a:qualys:cloud_agent:4.8.0-49:*:*:*:*:linux:*:*

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://packetstormsecurity.com/files/168367/Qualys-Cloud-Agent-Arbitrary-Code-Execution.html
http://seclists.org/fulldisclosure/2022/Sep/10
https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux
https://blog.qualys.com/vulnerabilities-threat-research

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2022-08-18T12:16:18

Updated: 2024-08-03T06:26:06.296Z

Reserved: 2022-04-21T00:00:00

Link: CVE-2022-29550

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-08-18T13:15:07.957

Modified: 2024-11-21T06:59:18.430

Link: CVE-2022-29550

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-532

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes \"ps auxwwe\" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials (from environment variables) to disk in cleartext. NOTE: there are no common circumstances in which qualys-cloud-agent-scan.log can be read by a user other than root; however, the file contents could be exposed through site-specific operational practices. The vendor does NOT characterize this as a vulnerability because the ps data collection is intentional, and would only capture credentials on a machine that was already affected by the CWE-214 weakness"}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-09-13T17:06:21", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://blog.qualys.com/vulnerabilities-threat-research"}, {"tags": ["x_refsource_MISC"], "url": "https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux"}, {"name": "20220912 Multiple vulnerabilities discovered in Qualys Cloud Agent", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2022/Sep/10"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/168367/Qualys-Cloud-Agent-Arbitrary-Code-Execution.html"}], "tags": ["disputed"], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-29550", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "** DISPUTED ** An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes \"ps auxwwe\" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials (from environment variables) to disk in cleartext. NOTE: there are no common circumstances in which qualys-cloud-agent-scan.log can be read by a user other than root; however, the file contents could be exposed through site-specific operational practices. The vendor does NOT characterize this as a vulnerability because the ps data collection is intentional, and would only capture credentials on a machine that was already affected by the CWE-214 weakness."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://blog.qualys.com/vulnerabilities-threat-research", "refsource": "MISC", "url": "https://blog.qualys.com/vulnerabilities-threat-research"}, {"name": "https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux", "refsource": "MISC", "url": "https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux"}, {"name": "20220912 Multiple vulnerabilities discovered in Qualys Cloud Agent", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2022/Sep/10"}, {"name": "http://packetstormsecurity.com/files/168367/Qualys-Cloud-Agent-Arbitrary-Code-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/168367/Qualys-Cloud-Agent-Arbitrary-Code-Execution.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T06:26:06.296Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://blog.qualys.com/vulnerabilities-threat-research"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux"}, {"name": "20220912 Multiple vulnerabilities discovered in Qualys Cloud Agent", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2022/Sep/10"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/168367/Qualys-Cloud-Agent-Arbitrary-Code-Execution.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-29550", "datePublished": "2022-08-18T12:16:18", "dateReserved": "2022-04-21T00:00:00", "dateUpdated": "2024-08-03T06:26:06.296Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:qualys:cloud_agent:4.8.0-49:*:*:*:*:linux:*:*", "matchCriteriaId": "EE1CD51C-0C69-4381-8834-DC7D9C1FB0A4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [{"sourceIdentifier": "cve@mitre.org", "tags": ["disputed"]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes \"ps auxwwe\" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials (from environment variables) to disk in cleartext. NOTE: there are no common circumstances in which qualys-cloud-agent-scan.log can be read by a user other than root; however, the file contents could be exposed through site-specific operational practices. The vendor does NOT characterize this as a vulnerability because the ps data collection is intentional, and would only capture credentials on a machine that was already affected by the CWE-214 weakness"}, {"lang": "es", "value": "** EN DISPUTA ** Se ha detectado un problema en Qualys Cloud Agent versi\u00f3n 4.8.0-49. Escribe la salida \"ps auxwwe\" en el archivo /var/log/qualys/qualys-cloud-agent-scan.log. Esto puede, por ejemplo, escribir inesperadamente las credenciales (de las variables de entorno) en el disco en texto sin cifrar. NOTA: no se presentan circunstancias comunes en las que qualys-cloud-agent-scan.log pueda ser le\u00eddo por un usuario que no sea root; sin embargo, el contenido del archivo podr\u00eda estar expuesto mediante pr\u00e1cticas operativas espec\u00edficas del sitio. El proveedor NO caracteriza esto como una vulnerabilidad porque la recolecci\u00f3n de datos ps es intencional, y s\u00f3lo capturar\u00eda credenciales en una m\u00e1quina que ya estuviera afectada por la debilidad CWE-214."}], "id": "CVE-2022-29550", "lastModified": "2024-11-21T06:59:18.430", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-18T13:15:07.957", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://packetstormsecurity.com/files/168367/Qualys-Cloud-Agent-Arbitrary-Code-Execution.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Sep/10"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://blog.qualys.com/vulnerabilities-threat-research"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://packetstormsecurity.com/files/168367/Qualys-Cloud-Agent-Arbitrary-Code-Execution.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2022/Sep/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://blog.qualys.com/vulnerabilities-threat-research"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "nvd@nist.gov", "type": "Primary"}]}