Multiple vulnerabilities discovered in Qualys Cloud Agent

[Daniel Wood via Fulldisclosure <fulldisclosure () seclists org>]

The Unqork Security team discovered multiple security vulnerabilities in
the Qualys Cloud Agent, to include arbitrary code execution.

CVE-2022-29549 (Arbitrary Code Execution)
https://nvd.nist.gov/vuln/detail/CVE-2022-29549

CVE-2022-29550 (Sensitive Information Disclosure)
https://nvd.nist.gov/vuln/detail/CVE-2022-29550

Read more:
https://www.unqork.com/resources/unqork-and-qualys-partner-to-resolve-zero-day-vulnerabilities
https://blog.qualys.com/product-tech/2022/08/15/qualys-security-updates-cloud-agent-for-linux

Daniel Wood
Head of Product Security, Unqork

-- 
**This e-mail, and any attachments thereto, is intended only for use by the 
addressee(s) named herein and may contain legally privileged and/or 
confidential information. If you are not the intended recipient of this 
e-mail, you are hereby notified that any dissemination, distribution or 
copying of this e-mail, and any attachments thereto, is strictly 
prohibited. If you have received this e-mail in error, please notify me by 
replying to this message and permanently delete the original and any copy 
of this e-mail and any printout thereof.**
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/