Local Privilege Escalation Vulnerability in Amazon AWS Apache Log4j Hotpatch
CVE-2022-33915

7HIGH

Key Information:

Vendor: Amazon
Status: Hotpatch
Vendor: CVE Published:; 17 June 2022

What is CVE-2022-33915?

A vulnerability exists in versions of the AWS Apache Log4j hotpatch package prior to log4j-cve-2021-44228-hotpatch-1.3.5 due to a race condition. This issue allows local users to escalate privileges by executing a specific Java process that performs a command (exec()) on an SUID binary. The hotpatch script, which is intended as a temporary fix for other vulnerabilities, inadvertently provides a method for users to manipulate its execution context, granting unauthorized elevated permissions.

References

https://alas.aws.amazon.com/ALAS-2022-1601.html

x_refsource_MISC

https://alas.aws.amazon.com/AL2/ALAS-2022-1806.html

x_refsource_MISC

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 17, 2022
Vulnerability Reserved
Jun 17, 2022