CVE-2022-38060
21.12.2022, 11:15
A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges.Enginsight
| Vendor | Product | Version |
|---|---|---|
| openstack | kolla | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-269 - Improper Privilege ManagementThe software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
- CWE-426 - Untrusted Search PathThe application searches for critical resources using an externally-supplied search path that can point to resources that are not under the application's direct control.