CVE-2022-23511
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-23511
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A privilege escalation issue exists within the Amazon CloudWatch Agent for Windows, software for collecting metrics and logs from Amazon EC2 instances and on-premises servers, in versions up to and including v1.247354. When users trigger a repair of the Agent, a pop-up window opens with SYSTEM permissions. Users with administrative access to affected hosts may use this to create a new command prompt as NT AUTHORITY\SYSTEM. To trigger this issue, the third party must be able to access the affected host and elevate their privileges such that they're able to trigger the agent repair process. They must also be able to install the tools required to trigger the issue. This issue does not affect the CloudWatch Agent for macOS or Linux. Agent users should upgrade to version 1.247355 of the CloudWatch Agent to address this issue. There is no recommended work around. Affected users must update the installed version of the CloudWatch Agent to address this issue.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
不充分特权处理不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
Amazon CloudWatch Agent 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Amazon CloudWatch Agent是美国亚马逊(Amazon)公司的一个在您的服务器上自主连续运行的软件包代理。 Amazon CloudWatch Agent 1.247354及之前版本存在安全漏洞,该漏洞源于存在权限升级问题,当用户触发代理修复时,将打开一个具有 SYSTEM 权限的弹出窗口。 对受影响的主机具有管理访问权限的用户可以使用它来创建一个新的命令提示符作为 NT AUTHORITYSYSTEM。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| aws | amazon-cloudwatch-agent | < 1.247355 | - |
II. Public POCs for CVE-2022-23511
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-23511
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same vendor: aws
- CVE-2026-7461
OS Command Injection in Amazon ECS Agent via FSx Windows Fil - CVE-2026-7426
Out-of-Bounds Write via Unsanitized Prefix Length in Router - CVE-2026-7425
Out-of-Bounds Read in Router Advertisement Option Parser in - CVE-2026-7424
Integer Underflow in DHCPv6 Sub-Option Parser in FreeRTOS-Pl - CVE-2026-7423
Integer Underflow in ICMP Echo Reply Processing in FreeRTOS-
Same weakness: CWE-274
- CVE-2026-33005
Apache OpenMeetings: Insufficient checks in FileWebService - CVE-2023-20516
AMD Graphics Driver 安全漏洞 - CVE-2025-20177
Cisco IOS XR Software Image Verification Bypass Vulnerabilit - CVE-2025-20156
Cisco Meeting Management Client-Server Privilege Escalation - CVE-2024-12666
ClassCMS User Management Page admin insufficient privileges
V. Comments for CVE-2022-23511
No comments yet