CVE-2023-3899
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2023-3899 is a local privilege escalation vulnerability affecting Red Hat's subscription-manager. The issue lies in the D-Bus interface, com.redhat.RHSM1, which is accessible to all users. An attacker can manipulate this interface by using the method com.redhat.RHSM1.Config.SetAll(), allowing them to alter the system registration state. This includes unregistering the system or changing current entitlements. By exploiting this vulnerability, a low-privileged local user can ultimately gain unconfined root access through arbitrary configuration directive modifications in /etc/rhsm/rhsm.conf.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- Redhat Subscription-manager
- Red Hat Enterprise Linux
- Redhat Enterprise Linux For Ibm Z Systems
- Fedora Operating System
- RedHat Enterprise Linux Server
Affected Vendors
- Red Hat
- Fedora Project