{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-38060", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "dateUpdated": "2024-09-16T21:08:57.753Z", "dateReserved": "2022-08-10T00:00:00", "datePublished": "2022-12-21T23:14:33.786205Z"}, "containers": {"cna": {"affected": [{"vendor": "OpenStack", "product": "OpenStack", "versions": [{"version": "git master 05194e7618", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-269: Improper Privilege Management", "type": "CWE", "cweId": "CWE-269"}]}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2023-02-01T16:59:01.801Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:45:52.195Z"}, "title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openstack:kolla:-:*:*:*:*:*:*:*", "matchCriteriaId": "A20CEEDE-3266-40BC-84D9-B5FD424AC5C7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges."}, {"lang": "es", "value": "Existe una vulnerabilidad de escalada de privilegios en la funcionalidad sudo de OpenStack Kolla git master 05194e7618. Una mala configuraci\u00f3n en /etc/sudoers dentro de un contenedor puede generar mayores privilegios."}], "id": "CVE-2022-38060", "lastModified": "2023-07-21T20:32:39.360", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "talos-cna@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-21T11:15:09.137", "references": [{"source": "talos-cna@cisco.com", "tags": ["Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-426"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-269"}], "source": "talos-cna@cisco.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:0191", "cpe": "cpe:/a:redhat:openstack:17.1::el8", "impact": "moderate", "package": "openstack-tripleo-common-0:15.4.1-17.1.20230927003755.el8ost", "product_name": "Red Hat OpenStack Platform 17.1 for RHEL 8", "release_date": "2024-01-16T00:00:00Z"}, {"advisory": "RHSA-2024:0216", "cpe": "cpe:/a:redhat:openstack:17.1::el9", "impact": "moderate", "package": "openstack-tripleo-common-0:15.4.1-17.1.20230927010819.el9ost", "product_name": "Red Hat OpenStack Platform 17.1 for RHEL 9", "release_date": "2024-01-16T00:00:00Z"}], "bugzilla": {"description": "openstack/kolla: sudo privilege escalation vulnerability", "id": "2124758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124758"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-269", "details": ["A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges.", "A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla. A misconfiguration in /etc/sudoers within a container can lead to increased privileges."], "mitigation": {"lang": "en:us", "value": "/etc/sudoers within the container should use the `secure_path` option to prevent the PATH environment variable from being modified. However, this will not prevent other possibly dangerous environment variables from being changed. Ideally, the `setenv` option would be removed from /etc/sudoers altogether, and `env_keep` could be used for any safe environment variables that do not introduce security holes.\nTo avoid container compromises resulting in host compromise, avoid using privileged containers; prefer adding individual capabilities as needed."}, "name": "CVE-2022-38060", "package_state": [{"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Will not fix", "impact": "moderate", "package_name": "openstack-tripleo-common", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Will not fix", "impact": "moderate", "package_name": "openstack-tripleo-common", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "openstack-tripleo-common", "product_name": "Red Hat OpenStack Platform 17.0"}, {"cpe": "cpe:/a:redhat:openstack:18.0", "fix_state": "Affected", "impact": "moderate", "package_name": "python-tcib", "product_name": "Red Hat OpenStack Platform 18.0"}], "public_date": "2022-09-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-38060\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-38060\nhttps://bugs.launchpad.net/bugs/1985784"], "statement": "To exploit this vulnerability, an attacker would need to have specialized access that allows them to modify how the container is run. The attacker would need to either modify the container's definition (such as by configuring environment variables or selecting the container image) or modify files in the container's file system. Both of these actions are typically restricted by user and group permissions. Hence, the impact for OpenStack is reduced to moderate.", "threat_severity": "Important"}