CVE-2022-21392: Local Privilege Escalation via NMR SUID in Oracle Enterprise Manager
CVE-2022-21392: Local Privilege Escalation via NMR SUID in Oracle Enterprise Manager In Oracle installations, where the “nmr” binary is present and SUID-ed as “root”, due to insecure directory permissions, the “oracle” user can elevate his/her privileges to that of the “root” user by replacing the “nmr_macro_list” file