VDB
CVE-2023-3899
CVE-2023-3899
PUBLISHED
CVSS 8.699999809265137 HIGH
Es existiert eine Schwachstelle in der "subscription-manager" Komponente von Red Hat Enterprise Linux. Der Fehler besteht in der D-Bus-Schnittstelle von "com.redhat.RHSM1" und ist auf eine fehlerhafte Autorisierung zurückzuführen. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern.
EPSS 0.04% · 11.7th percentile
Risk Scores
CVSS 4.0
8.699999809265137
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.04%
11.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | Red Hat Enterprise Linux 8 | |
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | |
| Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | |
| Red Hat | Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions | |
| Red Hat | Red Hat Enterprise Linux 9.0 Extended Update Support | |
| Red Hat | Red Hat Enterprise Linux 8.2 Telecommunications Update Service | |
| Red Hat | Red Hat Enterprise Linux | |
| Red Hat | Red Hat OpenShift Container Platform < 4.14.0 | |
| Red Hat | Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions | |
| Red Hat | Red Hat Enterprise Linux 9 | |
| Fedora | Fedora Linux | |
| IBM | IBM Security Guardium 12.0 | |
| Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support | |
| Red Hat | Red Hat Enterprise Linux 8.4 Telecommunications Update Service | |
| Red Hat | Red Hat Enterprise Linux 7 |
Timeline
- Aug 22, 2023 CVE Published
- Aug 24, 2023 EPSS Score
- Sep 26, 2023 EPSS Score
- Oct 29, 2023 EPSS Score
- Dec 1, 2023 EPSS Score
- Jan 1, 2024 CVE Updated
- Jan 3, 2024 EPSS Score
- Feb 6, 2024 EPSS Score
- Mar 10, 2024 EPSS Score
- Apr 12, 2024 EPSS Score
- May 15, 2024 EPSS Score
- Jun 17, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2902.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2902 advisory
- https://www.ibm.com/support/pages/node/7073592 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2118.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2118 advisory
- https://access.redhat.com/errata/RHSA-2023:4701 advisory
- https://access.redhat.com/errata/RHSA-2023:4702 advisory
- https://access.redhat.com/errata/RHSA-2023:4703 advisory
- https://access.redhat.com/errata/RHSA-2023:4704 advisory
- https://access.redhat.com/errata/RHSA-2023:4705 advisory
- https://access.redhat.com/errata/RHSA-2023:4706 advisory
- https://access.redhat.com/errata/RHSA-2023:4707 advisory
- https://access.redhat.com/errata/RHSA-2023:4708 advisory
- http://bodhi.fedoraproject.org/updates/FEDORA-2023-0f2f9bc779 advisory
- http://bodhi.fedoraproject.org/updates/FEDORA-2023-29a012c0db advisory
- https://access.redhat.com/errata/RHSA-2023:4982 advisory
- https://access.redhat.com/errata/RHSA-2023:5206 advisory
- https://access.redhat.com/errata/RHSA-2023:5006 advisory