CRITICAL🇵🇱 Wersja polska

CVE-2022-22704

CVSS 9.8v3.1pub. 2022-01-06upd. 2024-11-21

The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to root because the design incorrectly expected that systemd would (in effect) determine part of the configuration.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Alpinelinux Alpine Linux

    OS
    Alpinelinux
    wszystkie wersje
  • Zabbix Agent2

    APP
    Zabbix
    5.4.9< 5.4.9
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2023-29453CRITICAL9.8ten sam produkt

Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as ex...

CVE-2019-5021CRITICAL9.8ten sam produkt

Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. ...

CVE-2018-1000849HIGH8.8ten sam produkt

Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk...

CVE-2017-9669HIGH7.8ten sam produkt

A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service,...

CVE-2017-9671HIGH7.8ten sam produkt

A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service,...