exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

CVE-2023-3899

Status Candidate

Overview

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root.

Related Files

Red Hat Security Advisory 2023-5421-01
Posted Oct 4, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5421-01 - Multicluster Engine for Kubernetes 2.3.2 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management of multiple Kubernetes-based clusters across data centers, public clouds, and private clouds. You can use the engine to create new Red Hat OpenShift Container Platform clusters or to bring existing Kubernetes-based clusters under management by importing them. After the clusters are managed, you can use the APIs that are provided by the engine to distribute configuration based on placement policy.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-41721, CVE-2023-24539, CVE-2023-24540, CVE-2023-26136, CVE-2023-29400, CVE-2023-29491, CVE-2023-30630, CVE-2023-34969, CVE-2023-3899
SHA-256 | 51b3f646b7889065f8eb3b36f5410d5de8ca85f551f03de5dac5ba6b67e59c2c
Red Hat Security Advisory 2023-5376-01
Posted Sep 28, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5376-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-24540, CVE-2023-2602, CVE-2023-2603, CVE-2023-26115, CVE-2023-30630, CVE-2023-34969, CVE-2023-3899
SHA-256 | b218685d6f71f604db3b6476bca35e7a3a832105b68b5274ac7e5ac4ed22b616
Red Hat Security Advisory 2023-5095-01
Posted Sep 21, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5095-01 - Logging Subsystem 5.6.11 - Red Hat OpenShift. Red Hat Product Security has rated this update as having a security impact of Moderate.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-34969, CVE-2023-3899, CVE-2023-4456
SHA-256 | 94bd4ad270c871267f8f1a3669462acdd1722227ddc192e24e45b28f9c5b76fb
Red Hat Security Advisory 2023-5096-01
Posted Sep 20, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5096-01 - Logging Subsystem 5.5.16 - Red Hat OpenShift security update. Red Hat Product Security has rated this update as having a security impact of Moderate.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-34969, CVE-2023-3899, CVE-2023-4456
SHA-256 | 0b0524e9b143a4231d0b7f6aa2fe13874968bacef0b9ea9d7d89f5de1c7afef5
Red Hat Security Advisory 2023-5206-01
Posted Sep 19, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5206-01 - Updated images are now available for Red Hat Advanced Cluster Security (RHACS). A clickjacking issue has been addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3899, CVE-2023-4958
SHA-256 | 02085fc3a611d0438198eeb9f58bc4f3586c52b3a925c0aacbcdf504f3ed6967
Red Hat Security Advisory 2023-5174-01
Posted Sep 15, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5174-01 - Red Hat OpenShift Service Mesh is the Red Hat distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers container images for the release.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-3709, CVE-2023-2602, CVE-2023-2603, CVE-2023-27536, CVE-2023-2828, CVE-2023-28321, CVE-2023-28484, CVE-2023-29469, CVE-2023-32681, CVE-2023-34969, CVE-2023-35942, CVE-2023-3899
SHA-256 | 2fdaa8b5f0dc250ed2da73afa69ef3e080f58dfd68093bf0794cf51de36bc34b
Red Hat Security Advisory 2023-4933-01
Posted Sep 14, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4933-01 - Logging Subsystem 5.7.6 addresses an issues where LokiStack authorization is cached too broadly.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-32360, CVE-2023-34969, CVE-2023-3899, CVE-2023-4456
SHA-256 | 502e6e9888a0dfe72ee4bcd30135f5e4960dfba1e0b041541837e1efb9155bc5
Red Hat Security Advisory 2023-5001-01
Posted Sep 13, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5001-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.49. Issues addressed include a bypass vulnerability.

tags | advisory, bypass
systems | linux, redhat
advisories | CVE-2016-3709, CVE-2022-46146, CVE-2023-32360, CVE-2023-3899
SHA-256 | 25b24a22ab82cbc89840904080db60b46b514189164d05701629525da4dc2990
Red Hat Security Advisory 2023-5103-01
Posted Sep 12, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.6 images.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-3709, CVE-2022-4304, CVE-2022-4450, CVE-2023-0215, CVE-2023-0286, CVE-2023-0361, CVE-2023-2828, CVE-2023-3089, CVE-2023-38408, CVE-2023-3899
SHA-256 | ff86c5fcb20d801641ee0a943d716618abfc792dd089f942079ae10795581374
Red Hat Security Advisory 2023-5029-01
Posted Sep 8, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-5029-01 - An update is now available for Red Hat OpenShift GitOps 1.9. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2023-2602, CVE-2023-2603, CVE-2023-27536, CVE-2023-2828, CVE-2023-28321, CVE-2023-28484, CVE-2023-29469, CVE-2023-32681, CVE-2023-34969, CVE-2023-38408, CVE-2023-3899, CVE-2023-40029, CVE-2023-40584
SHA-256 | c0291459c882477e013eaea14c0f82d0a59d74dddca3fd7408915b71c5865c3f
Red Hat Security Advisory 2023-4731-01
Posted Aug 31, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4731-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.10.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-27664, CVE-2022-41723, CVE-2023-3899
SHA-256 | e921f00ec5f9a309ad9069ff2cc784adf92e0e5f737d48f6b45d2a33d1611782
Red Hat Security Advisory 2023-4730-01
Posted Aug 31, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4730-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.10.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20329, CVE-2023-3899
SHA-256 | e2a9d037db50b41360768fef667407a27d3378b6eacdbb1eff3c05c5a9c8e1ef
Red Hat Security Advisory 2023-4706-01
Posted Aug 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4706-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3899
SHA-256 | f0fb064435cf4904ccbafd984a63a82116141526bf68f95669b0084de0c8fa0b
Red Hat Security Advisory 2023-4705-01
Posted Aug 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4705-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3899
SHA-256 | ea023ffea411c1cea4a3d69573a5b6126fcba3f6b2735e9d7eb7963684277114
Red Hat Security Advisory 2023-4702-01
Posted Aug 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4702-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3899
SHA-256 | 21f91dc8a0d5658959c0b0e70fdad4bd5ebdc22c603a80817b33d7d2a971fe22
Red Hat Security Advisory 2023-4708-01
Posted Aug 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4708-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3899
SHA-256 | 3504efa0259f42a522cf614227c24edc185f7cce77c98b556c5312964af9334c
Red Hat Security Advisory 2023-4701-01
Posted Aug 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4701-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3899
SHA-256 | 75c86355c61ea1bb603018f3486746cd1fae556fb4d2fb5440fd3d049915d11f
Red Hat Security Advisory 2023-4703-01
Posted Aug 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4703-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3899
SHA-256 | f8f701f388d39534bd68c3765d051b3fe656a256347ed3f03037c2c0db5181f7
Red Hat Security Advisory 2023-4707-01
Posted Aug 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4707-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3899
SHA-256 | 03e031406d6e9ccf2eeae935baf0a97d291149a3e53222820d80aba5ab54acb4
Red Hat Security Advisory 2023-4704-01
Posted Aug 23, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-4704-01 - The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-3899
SHA-256 | 56aa603e6b2716af2b4bd6bca220bfab6ffc82758690edb96aa9dc12439b94e0
Page 1 of 1
Back1Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    16 Files
  • 18
    Jun 18th
    26 Files
  • 19
    Jun 19th
    15 Files
  • 20
    Jun 20th
    18 Files
  • 21
    Jun 21st
    8 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close