CVE-2022-21392: Local Privilege Escalation via NMR SUID in Oracle Enterprise Manager

In Oracle installations, where the “nmr” binary is present and SUID-ed as “root”, due to insecure directory permissions, the “oracle” user can elevate his/her privileges to that of the “root” user by replacing the “nmr_macro_list” file.

Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found here.

Requirements:

This vulnerability requires:

Access on the local system as the "oracle" user (e.g. executing arbitrary Java code via a compromised Oracle Database)

Proof Of Concept:

More details and the exploitation process can be found in this PDF.

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
Oracle Enterprise Manager - CVE-2022-21392.pdf		Oracle Enterprise Manager - CVE-2022-21392.pdf
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Oracle Enterprise Manager - CVE-2022-21392.pdf

Oracle Enterprise Manager - CVE-2022-21392.pdf

README.md

README.md

Repository files navigation

CVE-2022-21392: Local Privilege Escalation via NMR SUID in Oracle Enterprise Manager

Vendor Disclosure:

Requirements:

Proof Of Concept:

About

mbadanoiu/CVE-2022-21392

Folders and files

Latest commit

History

Oracle Enterprise Manager - CVE-2022-21392.pdf

Oracle Enterprise Manager - CVE-2022-21392.pdf

README.md

README.md

Repository files navigation

CVE-2022-21392: Local Privilege Escalation via NMR SUID in Oracle Enterprise Manager

Vendor Disclosure:

Requirements:

Proof Of Concept:

About

Topics

Resources

Stars

Watchers

Forks