#VU82890 Incorrect default permissions in Insights Core - CVE-2023-3972
Published: November 7, 2023
Insights Core
Red Hat Inc.
Description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to unsafe handling of temporary files and directories. Before the insights-client has been registered on the system by root, an unprivileged local user can create the /var/tmp/insights-client directory. After the client is registered by root, the local user can execute arbitrary files with root privileges from the affected directory.
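
A defensive check for the condition described above, as an added example that is not part of the advisory or of Red Hat's code: it reports whether /var/tmp/insights-client exists and, if so, whether it is a real directory owned by root and not writable by group or others. The function name, the status words and the optional uid parameter are assumptions made for this example, and GNU stat (as shipped on RHEL) is assumed.

```shell
#!/bin/sh
# Added example: audit the directory named in the advisory for the
# pre-creation condition it describes. Assumes GNU stat.

# check_insights_dir [PATH] [EXPECTED_UID]
# Prints one status word. Returns 0 for "absent" or "safe", 1 otherwise.
check_insights_dir() {
    dir=${1:-/var/tmp/insights-client}
    want_uid=${2:-0}   # root by default; a parameter so the check can be tested

    # A symlink at this path is flagged whatever it points to.
    if [ -L "$dir" ]; then
        echo "unsafe-symlink"; return 1
    fi
    if [ ! -e "$dir" ]; then
        echo "absent"; return 0
    fi
    if [ ! -d "$dir" ]; then
        echo "unsafe-not-a-directory"; return 1
    fi

    # %u = numeric owner uid, %a = octal permission bits
    set -- $(stat -c '%u %a' "$dir")
    uid=$1
    mode=$2

    # Owned by anyone other than the expected account: the directory
    # may have been created before root registered the client.
    if [ "$uid" != "$want_uid" ]; then
        echo "unsafe-owner"; return 1
    fi
    # Octal 022 masks the group-write and other-write bits.
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "unsafe-writable"; return 1
    fi
    echo "safe"; return 0
}

# Report on the path from the advisory.
check_insights_dir /var/tmp/insights-client || true
```

Any status other than "absent" or "safe" on a host where root has not yet registered the client means the directory was created by something other than the client itself and should be inspected before registration.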