Vulnerability Details CVE-2022-29527
Amazon AWS amazon-ssm-agent before 3.1.1208.0 creates a world-writable sudoers file, which allows local attackers to inject Sudo rules and escalate privileges to root. This occurs in certain situations involving a race condition.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.4%
CVSS Severity
CVSS v3 Score 7.0
CVSS v2 Score 6.9
References
- https://bugzilla.suse.com/show_bug.cgi?id=1196556
- https://github.com/aws/amazon-ssm-agent/commit/0fe8ae99b2ff25649c7b86d3bc05fc037400aca7
- https://github.com/aws/amazon-ssm-agent/releases/tag/3.1.1208.0
- https://bugzilla.suse.com/show_bug.cgi?id=1196556
- https://github.com/aws/amazon-ssm-agent/commit/0fe8ae99b2ff25649c7b86d3bc05fc037400aca7
- https://github.com/aws/amazon-ssm-agent/releases/tag/3.1.1208.0
Products affected by CVE-2022-29527
-
cpe:2.3:a:amazon:amazon_ssm_agent:1.1.145.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:1.1.146.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:1.2.252.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:1.2.290.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.599.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.633.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.672.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.716.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.730.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.755.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.767.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.790.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.796.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.805.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.834.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.842.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.847.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.879.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.902.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.913.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.922.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.0.952.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.1.4.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.103.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.120.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.136.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.16.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.160.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.191.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.24.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.257.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.30.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.325.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.355.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.392.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.45.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.493.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.546.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.58.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.607.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.619.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.64.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.800.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.82.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.902.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.916.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.2.93.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.117.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.1205.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.13.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.1319.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.136.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.1509.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.1550.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.1569.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.1613.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.1644.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.193.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.235.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.274.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.344.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.372.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.415.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.444.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.479.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.50.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.539.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.542.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.612.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.634.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.662.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.668.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.672.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.68.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.680.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.687.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.701.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.707.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.714.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.722.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.756.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.758.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.760.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.772.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.786.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.814.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.842.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.871.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.930.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:2.3.978.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.1031.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.1124.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.1181.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.1209.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.1295.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.1390.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.1479.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.151.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.161.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.196.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.222.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.284.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.356.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.413.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.431.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.502.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.529.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.603.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.655.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.732.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.755.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.854.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.0.882.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.1004.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.1045.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.1080.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.1141.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.1188.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.127.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.192.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.282.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.338.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.426.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.459.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.501.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.630.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.634.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.715.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.804.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.821.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.90.0
-
cpe:2.3:a:amazon:amazon_ssm_agent:3.1.941.0