๐Ÿ” CVE Alert

CVE-2023-3899

HIGH 7.8

Subscription-manager: inadequate authorization of com.redhat.rhsm1 d-bus interface allows local users to modify configuration

CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root.

CWE CWE-285
Vendor red hat
Product red hat enterprise linux 7
Published Aug 23, 2023
Last Updated Nov 20, 2025
Stay Ahead of the Next One

Get instant alerts for red hat red hat enterprise linux 7

Be the first to know when new high vulnerabilities affecting red hat red hat enterprise linux 7 are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Affected Versions

Red Hat / Red Hat Enterprise Linux 7
All versions affected
Red Hat / Red Hat Enterprise Linux 8
All versions affected
Red Hat / Red Hat Enterprise Linux 8
All versions affected
Red Hat / Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 8.2 Advanced Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8.2 Telecommunications Update Service
All versions affected
Red Hat / Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 8.4 Telecommunications Update Service
All versions affected
Red Hat / Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
All versions affected
Red Hat / Red Hat Enterprise Linux 8.6 Extended Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 9
All versions affected
Red Hat / Red Hat Enterprise Linux 9.0 Extended Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 6
All versions affected

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
access.redhat.com: https://access.redhat.com/errata/RHSA-2023:4701 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:4702 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:4703 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:4704 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:4705 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:4706 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:4707 access.redhat.com: https://access.redhat.com/errata/RHSA-2023:4708 access.redhat.com: https://access.redhat.com/security/cve/CVE-2023-3899 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2225407 lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/FJHKSBBZRDFOBNDU35FUKMYQIQYT6UJQ/ lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/ZDIHGNLS3TZVX7X2F735OKI4KXPY4AH6/

Credits

This issue was discovered by Thibault Guittet (Senior Product Security Engineer, Red Hat).