CVE-2022-28619

7.8 HIGH

📋 TL;DR

CVE-2022-28619 is a local privilege escalation in the installer for HPE Version Control Repository Manager (VCRM). A low-privileged user who already has local access to the host can abuse the installer while it runs an installation or upgrade to obtain elevated privileges. Only the installer is affected, not the running application; a system is exposed whenever an installer older than 7.6.14.0 is executed on it.

💻 Affected Systems

Products:
  • HPE Version Control Repository Manager
Versions: Installer versions before 7.6.14.0
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerable code is the installer, not the installed application. Exposure exists while a pre-7.6.14.0 installer is run for an installation or upgrade, so stale installer copies left on disk remain a risk each time they are reused.

📦 What is this software?

HPE Version Control Repository Manager (VCRM) is a web-based application that hosts a repository of HPE server software and firmware (for example Service Packs for ProLiant) and serves it to Version Control Agents on managed servers, which compare their installed versions against the repository and pull updates from it.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker with local access gains full administrative/root privileges, compromising the entire host and the repository data it serves to managed servers.

🟠 Likely Case

A local user, or an attacker with an initial foothold on the host, escalates privileges to install malware, modify configurations, or access restricted repository data.

🟢 If Mitigated

With strict access controls and few local user accounts, exposure is limited to the users who are allowed on the host, but the escalation itself remains possible until the fixed installer is used.

🌐 Internet-Facing: LOW - This is a local privilege escalation requiring local system access, not directly exploitable over the network.
🏢 Internal Only: HIGH - Internal users or attackers who gain local access can exploit this to escalate privileges on affected systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires local access to the system. No public exploit code has been disclosed as of analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Installer version 7.6.14.0

Vendor Advisory: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04310en_us

Restart Required: Yes

Instructions:

1. Download installer version 7.6.14.0 or later from the HPE support portal (see the vendor advisory above).
2. Stop the HPE Version Control Repository Manager service.
3. Run the updated installer from an administrative session.
4. Restart the service.
5. Remove or replace every staged copy of an installer older than 7.6.14.0; because the weakness is in the installer itself, an old copy reused for a later install or upgrade reintroduces the exposure.

🔧 Temporary Workarounds

Restrict local access

Applies to: all platforms

Limit local user accounts on hosts running VCRM and enforce strict access controls, so that only administrators can log on to a system where the installer is run.

Use least privilege accounts

Applies to: all platforms

Run the VCRM service under a least-privilege account, keep installer media in an administrator-controlled location, and perform installs or upgrades only from an administrative session, so that ordinary local users cannot interact with the installation process.

🧯 If You Can't Patch

  • Restrict local logon on affected hosts to administrators and monitor for privilege escalation attempts and unexpected installer executions.
  • Isolate affected systems from critical network segments and use application allow-listing so that only the approved, current installer can execute.

🔍 How to Verify

Check if Vulnerable:

Locate every copy of the VCRM installer on the host and in any software staging share, and read its version from the file's properties or filename. Any installer older than 7.6.14.0 is vulnerable whenever it is run.

Check Version:

On Windows: right-click the installer, open Properties > Details, and read the product or file version (or read the same fields from PowerShell via the file's VersionInfo). On Linux: read the version from the installer package filename or from the installation log written during the last install or upgrade.

Verify Fix Applied:

Confirm that the installer used for the most recent install or upgrade reports version 7.6.14.0 or later, and that no older installer copies remain staged for reuse. Compare versions component by component: a plain string comparison ranks "7.6.9.0" above "7.6.14.0" and will misclassify hosts.
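As an added example (not from HPE or the advisory), the following PowerShell reads the version resource of staged installer executables and compares it with the [version] type rather than as a string. It assumes that the installer .exe carries the product version in its PE version resource, that installers are staged under C:\Installers, and that their filenames contain "vcrm" or "Version Control"; all three are assumptions to adjust for your environment.

```powershell
# Added example: check staged VCRM installer executables against the fixed version.
# Assumptions: the installer .exe carries its version in its PE version resource
# (ProductVersion or FileVersion), and copies are staged under $SearchRoot.
$FixedVersion = [version]'7.6.14.0'
$SearchRoot   = 'C:\Installers'          # hypothetical staging directory

function Get-VcrmInstallerStatus {
    param([Parameter(Mandatory)][string]$Path)

    $info = (Get-Item -LiteralPath $Path).VersionInfo
    $raw  = if ($info.ProductVersion) { $info.ProductVersion } else { $info.FileVersion }
    if (-not $raw) {
        # MSI packages and some wrapper executables carry no PE version resource;
        # fall back to the filename or HPE release notes rather than guessing.
        return [pscustomobject]@{ Path = $Path; Version = $null; Fixed = $null; Note = 'no version metadata' }
    }

    # Keep only the leading dotted-numeric part, e.g. '7.6.14.0 (Build 42)' -> '7.6.14.0'
    $m = [regex]::Match($raw, '^\s*(\d+(\.\d+){1,3})')
    if (-not $m.Success) {
        return [pscustomobject]@{ Path = $Path; Version = $raw; Fixed = $null; Note = 'unparseable version' }
    }

    # [version] compares numerically per component: 7.6.9.0 -lt 7.6.14.0 is true here,
    # whereas a plain string comparison would rank 7.6.9.0 as the newer one.
    $v = [version]$m.Groups[1].Value
    [pscustomobject]@{ Path = $Path; Version = $v; Fixed = ($v -ge $FixedVersion); Note = '' }
}

Get-ChildItem -LiteralPath $SearchRoot -Recurse -Filter '*.exe' -ErrorAction SilentlyContinue |
    Where-Object { $_.Name -match 'vcrm|version ?control' } |   # filename pattern is an assumption
    ForEach-Object { Get-VcrmInstallerStatus -Path $_.FullName } |
    Format-Table -AutoSize
```

Any row with Fixed equal to False is an installer that must be deleted or replaced; rows with an empty Version need a manual check against the filename or release notes.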

📡 Detection & Monitoring

Log Indicators:

  • Unexpected privilege escalation events
  • Suspicious installer execution
  • Unauthorized service account changes

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

Process-creation events (Windows Security event 4688 or Sysmon event 1; auditd execve records on Linux) on hosts running HPE Version Control Repository Manager where the VCRM installer is launched outside an approved change window or by a non-administrative user, together with privilege-escalation indicators on the same host shortly afterwards.
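As an added example (not from the advisory), the following PowerShell hunts Windows Security 4688 process-creation events for installer runs on a VCRM host. It assumes process-creation auditing with command-line logging is enabled, that the installer's name matches the hypothetical pattern below, and that the 4688 property positions used (1 and 2 for user and domain, 5 NewProcessName, 6 TokenElevationType, 8 CommandLine, 13 ParentProcessName) hold on your OS build; confirm those positions before relying on the output.

```powershell
# Added example: find VCRM installer executions in Security 4688 events.
# Assumptions: command-line auditing is on, and the 4688 property indexes below
# (1/2 user and domain, 5 new process, 6 token elevation, 8 command line,
# 13 parent process) match the host's OS build.
$Since   = (Get-Date).AddDays(-30)
$Pattern = 'vcrm|version ?control ?repository'   # hypothetical installer name pattern

function Find-VcrmInstallerRuns {
    param([datetime]$StartTime = $Since)

    Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4688; StartTime = $StartTime } -ErrorAction SilentlyContinue |
        ForEach-Object {
            $p = $_.Properties
            [pscustomobject]@{
                Time        = $_.TimeCreated
                User        = "$($p[2].Value)\$($p[1].Value)"
                NewProcess  = $p[5].Value
                # ParentProcessName is absent on older builds; guard the index
                Parent      = if ($p.Count -gt 13) { $p[13].Value } else { $null }
                # %%1937 means TokenElevationTypeFull: the process received a full admin token
                Elevation   = $p[6].Value
                CommandLine = $p[8].Value
            }
        } |
        Where-Object { ("$($_.NewProcess) $($_.CommandLine) $($_.Parent)") -match $Pattern }
}

# Any hit outside a scheduled change window deserves a ticket: the weakness lives in
# the installer, so an unexpected run of it is the event to review.
Find-VcrmInstallerRuns | Sort-Object Time | Format-Table -AutoSize
```

Pair the hits with the version check above: an installer run that also reports a pre-7.6.14.0 version is the case to treat as a possible exploitation attempt rather than routine maintenance.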

🔗 References

  • HPE Security Bulletin: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn04310en_us
