When Octopus Tentacle is installed on a Linux operating system, the systemd service file permissions are misconfigured. This could lead to a local unprivileged user modifying the contents of the systemd service file to gain privileged access.
References
Configurations
Configuration 1 (hide)
AND |
|
History
07 Nov 2023, 03:35
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
29 Nov 2021, 19:14
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-276 | |
References | (MISC) https://advisories.octopus.com/adv/2021-11---Local-privilege-escalation-in-Octopus-Tentacle-(CVE-2021-31822).2283732993.html - Mitigation, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 7.8 |
CPE | cpe:2.3:a:octopus:tentacle:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* |
24 Nov 2021, 16:18
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-11-24 16:15
Updated : 2023-12-10 14:09
NVD link : CVE-2021-31822
Mitre link : CVE-2021-31822
CVE.ORG link : CVE-2021-31822
JSON object : View
Products Affected
octopus
- tentacle
linux
- linux_kernel
CWE
CWE-276
Incorrect Default Permissions