CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-28141 – NTFS Junction
https://notcve.org/view.php?id=CVE-2023-28141
An NTFS Junction condition exists in the Qualys Cloud Agent for Windows platform in versions before 4.8.0.31. Attackers may write files to arbitrary locations via a local attack vector. This allows attackers to assume the privileges of the process, and they may delete or otherwise on unauthorized files, allowing for the potential modification or deletion of sensitive files limited only to that specific directory/file object. This vulnerability is bounded to the time of installation/uninstallation and can only be exploited locally. At the time of this disclosure, versions before 4.0 are classified as End of Life. • https://www.qualys.com/security-advisories • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-29550
https://notcve.org/view.php?id=CVE-2022-29550
An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes "ps auxwwe" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials (from environment variables) to disk in cleartext. NOTE: there are no common circumstances in which qualys-cloud-agent-scan.log can be read by a user other than root; however, the file contents could be exposed through site-specific operational practices. The vendor does NOT characterize this as a vulnerability because the ps data collection is intentional, and would only capture credentials on a machine that was already affected by the CWE-214 weakness ** EN DISPUTA ** Se ha detectado un problema en Qualys Cloud Agent versión 4.8.0-49. • http://packetstormsecurity.com/files/168367/Qualys-Cloud-Agent-Arbitrary-Code-Execution.html http://seclists.org/fulldisclosure/2022/Sep/10 https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux https://blog.qualys.com/vulnerabilities-threat-research • CWE-532: Insertion of Sensitive Information into Log File •