CVE-2023-3899

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Aug 23, 2023
Updated: Nov 9, 2023
CWE ID 285
CWE ID 863

Summary

CVE-2023-3899 is a local privilege escalation vulnerability affecting Red Hat's subscription-manager. The issue lies in the D-Bus interface, com.redhat.RHSM1, which is accessible to all users. An attacker can manipulate this interface by using the method com.redhat.RHSM1.Config.SetAll(), allowing them to alter the system registration state. This includes unregistering the system or changing current entitlements. By exploiting this vulnerability, a low-privileged local user can ultimately gain unconfined root access through arbitrary configuration directive modifications in /etc/rhsm/rhsm.conf.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Redhat Subscription-manager
  • Red Hat Enterprise Linux
  • Redhat Enterprise Linux For Ibm Z Systems
  • Fedora Operating System
  • RedHat Enterprise Linux Server

Affected Vendors

  • Red Hat
  • Fedora Project