CVE-2023-3899

{"id": "CVE-2023-3899", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-08-23T11:15:07.573", "references": [{"url": "https://access.redhat.com/errata/RHSA-2023:4701", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4702", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4703", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4704", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4705", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4706", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4707", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4708", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-3899", "tags": ["Vendor Advisory"], "source": "[email protected]"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225407", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4701", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4702", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4703", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4704", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4705", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4706", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4707", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/errata/RHSA-2023:4708", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://access.redhat.com/security/cve/CVE-2023-3899", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2225407", "tags": ["Issue Tracking", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/FJHKSBBZRDFOBNDU35FUKMYQIQYT6UJQ/", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/ZDIHGNLS3TZVX7X2F735OKI4KXPY4AH6/", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-285"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root."}], "lastModified": "2024-11-21T08:18:19.280", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:subscription-manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "920623D9-21D8-4EC5-B2F1-02504B3C60FA", "versionEndExcluding": "1.28.39"}, {"criteria": "cpe:2.3:a:redhat:subscription-manager:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4E20528-67BC-4A50-9E9D-1A389BFFFAE9", "versionEndExcluding": "1.29.37", "versionStartIncluding": "1.29.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C3741B8-851F-475D-B428-523F4F722350"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62C31522-0A17-4025-B269-855C7F4B45C2"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DDA3E5A-8754-4C48-9A27-E2415F8A6000"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3C74F6FA-FA6C-4648-9079-91446E45EE47"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F797F2E-00E6-4D03-A94E-524227529A0A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B528C5D-0F72-4685-8516-257597E94AE4"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D1E1C3E-0188-43C3-8911-858B5D7A2965"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EFBEEE7-8BC5-4F4E-8EFA-42A6743152BB"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83981111-E13A-4A88-80FD-F63D7CCAA47F"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6AAF4A69-A4CC-409E-BC05-FABAE86321B2"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78825319-8A45-4880-B7C4-2B223029DDD3"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "566507B6-AC95-47F7-A3FB-C6F414E45F51"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87C21FE1-EA5C-498F-9C6C-D05F91A88217"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D650BFB9-4FDC-4311-8D7E-D981C8F4FA3B"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C415CABF-E1C4-4E95-9424-AEEEAFF1CAE7"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EF5C4AC-CA69-41E3-AD93-7AC21931374A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "83364F5C-57F4-4D57-B54F-540CAC1D7753"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B6C30A81-BF75-46CC-A05E-42BAF271D1C4"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "213A5029-FCF9-4EA9-AEF9-21313F6DCBD8"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47811209-5CE5-4375-8391-B0A7F6A0E420"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "35EEDB95-DCD1-4FED-9BBB-877B2062410C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A49ABD84-6755-4894-AD4E-49AAD39933C2"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "868A6ED7-44DD-44FF-8ADD-9971298A1175"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71DDE212-1018-4554-9C06-4908442DE134"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76C24D94-834A-4E9D-8F73-624AFA99AAA2"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F32CA554-F9D7-425B-8F1C-89678507F28C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DF2B9A2-8CA6-4EDF-9975-07265E363ED2"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7DA6A5AF-2EBE-4ED9-B312-DCD9D150D031"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22D095ED-9247-4133-A133-73B7668565E4"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "871A5C26-DB7B-4870-A5B2-5DD24C90B4A7"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "12A809B2-2771-4780-9E0D-6A7B4A534CFB"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "492DF629-16B8-4882-822D-A6897B03DD30"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE4AEBCB-B1E6-4A6A-9E8C-DDC5A003BCB9"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B09ACF2D-D83F-4A86-8185-9569605D8EE1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1272DF03-7674-4BD4-8E64-94004B195448"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1CA946D-1665-4874-9D41-C7D963DD1F56"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE1A81A1-63EC-431C-9CBC-8D28C15AB3E5"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC7D8E93-D4BE-46E7-BDE7-843BF8A33162"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3ADDB02D-F377-43CE-B0A8-FC6C7D5CFABC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15D3CC6E-3A8F-4694-B3CC-0DB12A3E9A0F"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E881C927-DF96-4D2E-9887-FF12E456B1FB"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FB096D5D-E8F6-4164-8B76-0217B7151D30"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_update_services_for_sap_solutions:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01ED4F33-EBE7-4C04-8312-3DA580EFFB68"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}