David Heise

**Name of the Vulnerable Software and Affected Versions** Qualys Cloud Agent version 4.8.0-49 **Description** An issue was discovered in the Qualys Cloud Agent where it executes programs at various full pathnames without first making ownership and permission checks, and without integrity checks. This could lead to privilege escalation on systems where any of these pathnames is controlled by a non-root user. For example, if the `/opt/firebird` directory is owned by the firebird user, an issue could occur with the `/opt/firebird/bin/isql` program. **Recommendations** For Qualys Cloud Agent version 4.8.0-49, consider restricting access to the directories and files that could be exploited for privilege escalation, such as `/opt/firebird/bin/isql`, until a patch is available. As a temporary workaround, ensure that all executable paths used by the agent are owned by root to prevent non-root users from manipulating them.

**Name of the Vulnerable Software and Affected Versions** Qualys Cloud Agent version 4.8.0-49 **Description** An issue was discovered in Qualys Cloud Agent where it writes "ps auxwwe" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may unexpectedly write credentials from environment variables to disk in cleartext. Although there are no common circumstances in which the log file can be read by a user other than root, the file contents could be exposed through site-specific operational practices. The vendor does not characterize this as a vulnerability because the ps data collection is intentional and would only capture credentials on a machine already affected by a specific weakness. **Recommendations** For Qualys Cloud Agent version 4.8.0-49, consider restricting access to the /var/log/qualys/qualys-cloud-agent-scan.log file to minimize the risk of exposure. As a temporary workaround, consider disabling the collection of "ps auxwwe" output until a more secure solution is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** MISP version 2.4.111 **Description** A stored XSS issue exists in the event-graph view when a user toggles the event graph view. This occurs because a malicious MISP event must be crafted to trigger the vulnerability. **Recommendations** For version 2.4.111, consider disabling the event-graph view until a patch is available to prevent potential exploitation.