PT-2023-7319 · Unknown+2 · Insights-Client+2

Alasdair Kergon

Published

2023-07-27

Updated

2024-07-03

CVE-2023-3972

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions insights-client (affected versions not specified)

Description A security issue occurs due to insecure file operations or unsafe handling of temporary files and directories, leading to local privilege escalation. An unprivileged local user or attacker could create the /var/tmp/insights-client directory with read, write, and execute permissions before the insights-client is registered by root. After registration, an attacker could control the directory content by putting malicious scripts into it and executing arbitrary code as root, bypassing SELinux protections.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Exposure of Resource to Wrong Sphere

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-379CWE-61CWE-668

Related Identifiers

BDU:2023-08349

CESA-2023_6283

CVE-2023-3972

RHSA-2023:6264

RHSA-2023:6282

RHSA-2023:6283

RHSA-2023:6284

RHSA-2023:6795

RHSA-2023:6796

RHSA-2023:6798

RHSA-2023:6811

RHSA-2023_6282

RHSA-2023_6283

RHSA-2023_6795

Affected Products

Centos

Red Hat

Insights-Client

PT-2023-7319 · Unknown+2 · Insights-Client+2

CVE-2023-3972

Weakness Enumeration

Related Identifiers

Affected Products

References · 18