cbcvebase.
CVE-2011-4945
published 2012-10-01

CVE-2011-4945: PolicyKit 0.103 sets the AdminIdentities to "wheel" by default, which allows local users in the wheel group to gain root privileges without authentication.

PriorityP425medium6.9CVSS 2.0
AVLACMAuNCCICAC
EPSS
0.35%
27.0th percentile
PolicyKit 0.103 sets the AdminIdentities to "wheel" by default, which allows local users in the wheel group to gain root privileges without authentication.

Affected

2 ranges
VendorProductVersion rangeFixed in
debianpolicykit-1< policykit-1 0.103-1 (bookworm)policykit-1 0.103-1 (bookworm)
michael_bieblpolicykit

CVSS provenance

nvdv2.06.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
osv6.9MEDIUM
vendor_debian6.9MEDIUM
vendor_redhat6.9MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.