Placement of User into Incorrect Group

CVE-2022-3650

High

7.8/10

Summary

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-842 - Placement of User into Incorrect Group

The software or the administrator places a user into an incorrect group.

References

Advisory Timeline

Published Jan 17, 2023

Placement of User into Incorrect Group

CVE-2022-3650

Summary

CWE-842 - Placement of User into Incorrect Group

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS