CVE-2022-29934

Published April 29th, 2022

View on NVD ↗

CVSS v3

7.8

HIGH

CVSS v2

7.2

HIGH

Affected

PROJECT

Description

USU Oracle Optimization before 5.17.5 lacks Polkit authentication, which allows smartcollector users to achieve root access via pkexec. NOTE: this is not an Oracle Corporation product.

orangecertcc/security-research

GitHub