PT-2022-19692 · Qualys · Qualys Cloud Agent

Bryan Li +3 · Published 2022-08-18 · Updated 2022-09-15 · CVE-2022-29549

CVSS v3.1: 7.3 (High)
Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Qualys Cloud Agent version 4.8.0-49

Description: An issue was discovered in the Qualys Cloud Agent where it executes programs at various full pathnames without first making ownership and permission checks, and without integrity checks. This could lead to privilege escalation on systems where any of these pathnames is controlled by a non-root user. For example, if the /opt/firebird directory is owned by the firebird user, an issue could occur with the /opt/firebird/bin/isql program.

Recommendations: For Qualys Cloud Agent version 4.8.0-49, consider restricting access to the directories and files that could be exploited for privilege escalation, such as /opt/firebird/bin/isql, until a patch is available. As a temporary workaround, ensure that all executable paths used by the agent are owned by root to prevent non-root users from manipulating them.

Fix

Weakness Enumeration

Related Identifiers

CVE-2022-29549

Affected Products

Qualys Cloud Agent