CVE-2023-3899

CWE-285 CWE-863 — Incorrect Authorization4 documents4 sources

Severity

7.8HIGH

EPSS

0.0%

top 92.76%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Subscription-manager Fedoraproject Fedora Redhat Enterprise Linux +17 more

Timeline

PublishedAug 23

Description

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arb…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages5 packages

▶NVDredhat/subscription-manager1.29.0 — 1.29.37+1

▶NVDredhat/enterprise_linux_server7.0

▶NVDredhat/enterprise_linux_desktop7.0

▶NVDredhat/enterprise_linux_workstation7.0

▶NVDredhat/enterprise_linux_update_services5 versions+4

Also affects: Enterprise Linux 8.0, 9.0, 8.6, 8.8, 9.2, 7.0, 8.2, 8.4, 8.1, Fedora 37, 38

🔴Vulnerability Details

GHSA

GHSA-wp8h-m67c-cxpw: A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization↗2023-08-23

▶

CVEList

Subscription-manager: inadequate authorization of com.redhat.rhsm1 d-bus interface allows local users to modify configuration↗2023-08-23

▶

📋Vendor Advisories

Red Hat

subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration↗2023-08-22

▶