CVE-2022-38060 - Vulnerability Details - OpenCVE

A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Openstack	Kolla
Redhat	Openstack

Configuration 1 [-]

cpe:2.3:a:openstack:kolla:-:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat OpenStack Platform 17.1 for RHEL 8
openstack-tripleo-common-0:15.4.1-17.1.20230927003755.el8ost	cpe:/a:redhat:openstack:17.1::el8	RHSA-2024:0191	2024-01-16T00:00:00Z
Red Hat OpenStack Platform 17.1 for RHEL 9
openstack-tripleo-common-0:15.4.1-17.1.20230927010819.el9ost	cpe:/a:redhat:openstack:17.1::el9	RHSA-2024:0216	2024-01-16T00:00:00Z

References

Link	Providers
https://bugs.launchpad.net/bugs/1985784
https://nvd.nist.gov/vuln/detail/CVE-2022-38060
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589
https://www.cve.org/CVERecord?id=CVE-2022-38060

History

Tue, 15 Apr 2025 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: talos

Published: 2022-12-21T23:14:33.786Z

Updated: 2025-04-15T18:38:14.200Z

Reserved: 2022-08-10T00:00:00.000Z

Link: CVE-2022-38060

Vulnrichment

Updated: 2024-08-03T10:45:52.195Z

NVD

Status : Modified

Published: 2022-12-21T11:15:09.137

Modified: 2024-11-21T07:15:40.663

Link: CVE-2022-38060

Redhat

Severity : Important

Publid Date: 2022-09-06T00:00:00Z

Links: CVE-2022-38060 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-38060", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "dateUpdated": "2025-04-15T18:38:14.200Z", "dateReserved": "2022-08-10T00:00:00.000Z", "datePublished": "2022-12-21T23:14:33.786Z"}, "containers": {"cna": {"affected": [{"vendor": "OpenStack", "product": "OpenStack", "versions": [{"version": "git master 05194e7618", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-269: Improper Privilege Management", "type": "CWE", "cweId": "CWE-269"}]}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2023-02-01T16:59:01.801Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:45:52.195Z"}, "title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-15T18:14:13.219466Z", "id": "CVE-2022-38060", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-15T18:38:14.200Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:45:52.195Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-38060", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-04-15T18:14:13.219466Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-15T18:14:14.972Z"}}], "cna": {"metrics": [{"cvssV3_0": {"scope": "CHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "OpenStack", "product": "OpenStack", "versions": [{"status": "affected", "version": "git master 05194e7618"}]}], "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589"}], "descriptions": [{"lang": "en", "value": "A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-269", "description": "CWE-269: Improper Privilege Management"}]}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2023-02-01T16:59:01.801Z"}}}, "cveMetadata": {"cveId": "CVE-2022-38060", "state": "PUBLISHED", "dateUpdated": "2025-04-15T18:38:14.200Z", "dateReserved": "2022-08-10T00:00:00.000Z", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "datePublished": "2022-12-21T23:14:33.786Z", "assignerShortName": "talos"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openstack:kolla:-:*:*:*:*:*:*:*", "matchCriteriaId": "A20CEEDE-3266-40BC-84D9-B5FD424AC5C7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges."}, {"lang": "es", "value": "Existe una vulnerabilidad de escalada de privilegios en la funcionalidad sudo de OpenStack Kolla git master 05194e7618. Una mala configuraci\u00f3n en /etc/sudoers dentro de un contenedor puede generar mayores privilegios."}], "id": "CVE-2022-38060", "lastModified": "2024-11-21T07:15:40.663", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "talos-cna@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-12-21T11:15:09.137", "references": [{"source": "talos-cna@cisco.com", "tags": ["Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1589"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-269"}], "source": "talos-cna@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-426"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:0191", "cpe": "cpe:/a:redhat:openstack:17.1::el8", "impact": "moderate", "package": "openstack-tripleo-common-0:15.4.1-17.1.20230927003755.el8ost", "product_name": "Red Hat OpenStack Platform 17.1 for RHEL 8", "release_date": "2024-01-16T00:00:00Z"}, {"advisory": "RHSA-2024:0216", "cpe": "cpe:/a:redhat:openstack:17.1::el9", "impact": "moderate", "package": "openstack-tripleo-common-0:15.4.1-17.1.20230927010819.el9ost", "product_name": "Red Hat OpenStack Platform 17.1 for RHEL 9", "release_date": "2024-01-16T00:00:00Z"}], "bugzilla": {"description": "openstack/kolla: sudo privilege escalation vulnerability", "id": "2124758", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124758"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-269", "details": ["A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla git master 05194e7618. A misconfiguration in /etc/sudoers within a container can lead to increased privileges.", "A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla. A misconfiguration in /etc/sudoers within a container can lead to increased privileges."], "mitigation": {"lang": "en:us", "value": "/etc/sudoers within the container should use the `secure_path` option to prevent the PATH environment variable from being modified. However, this will not prevent other possibly dangerous environment variables from being changed. Ideally, the `setenv` option would be removed from /etc/sudoers altogether, and `env_keep` could be used for any safe environment variables that do not introduce security holes.\nTo avoid container compromises resulting in host compromise, avoid using privileged containers; prefer adding individual capabilities as needed."}, "name": "CVE-2022-38060", "package_state": [{"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Will not fix", "impact": "moderate", "package_name": "openstack-tripleo-common", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Will not fix", "impact": "moderate", "package_name": "openstack-tripleo-common", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:openstack:17.0", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "openstack-tripleo-common", "product_name": "Red Hat OpenStack Platform 17.0"}, {"cpe": "cpe:/a:redhat:openstack:18.0", "fix_state": "Affected", "impact": "moderate", "package_name": "python-tcib", "product_name": "Red Hat OpenStack Platform 18.0"}], "public_date": "2022-09-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-38060\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-38060\nhttps://bugs.launchpad.net/bugs/1985784"], "statement": "To exploit this vulnerability, an attacker would need to have specialized access that allows them to modify how the container is run. The attacker would need to either modify the container's definition (such as by configuring environment variables or selecting the container image) or modify files in the container's file system. Both of these actions are typically restricted by user and group permissions. Hence, the impact for OpenStack is reduced to moderate.", "threat_severity": "Important"}