CVE-2023-3972

Published: 01/11/2023 Updated: 09/11/2023
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 0

Vulnerability Summary

A vulnerability was found in insights-client. The issue stems from insecure file operations and unsafe handling of temporary files and directories, and it leads to local privilege escalation. Before insights-client has been registered on the system by root, an unprivileged local user or attacker can create the /var/tmp/insights-client directory themselves, becoming its owner with read, write, and execute permissions. After insights-client is registered by root, the attacker controls the contents of the directory that insights-client uses: by placing malicious scripts there they can have arbitrary code executed as root. SELinux does not contain this, because insights-client processes are permitted to disable SELinux system-wide, so the confinement is trivially bypassed.
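The root cause described above is a general anti-pattern: a privileged process adopts a predictable directory under a world-writable, sticky location such as /var/tmp without checking who created it. The following Python example is added here to illustrate that class of bug and one hardened alternative; it is not insights-client's own code and makes no claim about how the fixed package implements its check. It simulates /var/tmp with a scratch directory so it runs unprivileged: the "attacker" pre-creates a world-writable directory and a symlink, and the hardened function refuses both while the naive function happily adopts them. Function names, the scratch layout and the three scenarios are all constructed for the example.

```python
import os
import stat
import tempfile


def unsafe_claim_dir(path):
    """Vulnerable pattern (illustrative, not insights-client's code):
    a privileged process accepts whatever already exists at `path`.
    If an unprivileged user created the directory earlier they own it,
    so they can plant or swap files that root will later read or run."""
    os.makedirs(path, exist_ok=True)
    return path


def safe_claim_dir(path, expected_uid=None):
    """Hardened pattern: create the directory ourselves, and if something
    is already there only accept it when it is a real directory (not a
    symlink), owned by the expected uid, and not group/world writable.
    Returns `path` on success and raises PermissionError otherwise."""
    if expected_uid is None:
        expected_uid = os.geteuid()
    try:
        # mkdir fails with EEXIST if anything (dir, file, symlink) is there,
        # so a pre-planted path can never be silently adopted.
        os.mkdir(path, 0o700)
        return path
    except FileExistsError:
        pass
    st = os.lstat(path)  # lstat: never follow a planted symlink
    if not stat.S_ISDIR(st.st_mode):
        raise PermissionError("%s exists but is not a directory" % path)
    if st.st_uid != expected_uid:
        raise PermissionError("%s is owned by uid %d, expected %d"
                              % (path, st.st_uid, expected_uid))
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        raise PermissionError("%s is group- or world-writable" % path)
    return path


def scenario_results():
    """Run three constructed scenarios under a fresh scratch directory
    standing in for /var/tmp. Returns a dict of outcome -> bool."""
    base = tempfile.mkdtemp()
    results = {}

    # 1. Attacker pre-created the directory with mode 0777 (the CVE's setup).
    planted = os.path.join(base, "insights-client")
    os.mkdir(planted)
    os.chmod(planted, 0o777)
    results["unsafe_adopts_planted_dir"] = unsafe_claim_dir(planted) == planted
    try:
        safe_claim_dir(planted)
        results["safe_rejects_planted_dir"] = False
    except PermissionError:
        results["safe_rejects_planted_dir"] = True

    # 2. Attacker planted a symlink pointing somewhere else.
    target = tempfile.mkdtemp(dir=base)
    link = os.path.join(base, "insights-client-link")
    os.symlink(target, link)
    try:
        safe_claim_dir(link)
        results["safe_rejects_symlink"] = False
    except PermissionError:
        results["safe_rejects_symlink"] = True

    # 3. Nothing there yet: the safe path creates it itself with mode 0700.
    fresh = os.path.join(base, "insights-client-fresh")
    safe_claim_dir(fresh)
    mode = stat.S_IMODE(os.lstat(fresh).st_mode)
    results["safe_creates_0700"] = mode == 0o700
    return results


if __name__ == "__main__":
    for name, ok in scenario_results().items():
        print("%-28s %s" % (name, ok))
```

When the caller is root and the directory was planted by an ordinary user, the ownership check is what fires; in the unprivileged demo the same user owns everything, so the permission-bits check catches the planted directory instead. Either way the decisive property is that the privileged side never trusts a directory it did not create with a mode it did not choose. The same checks, run by hand against /var/tmp/insights-client before registering a host, are a reasonable pre-registration audit on systems not yet updated.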

Vulnerable Products

redhat insights-client

redhat enterprise linux desktop 7.0

redhat enterprise linux for scientific computing 7.0

redhat enterprise linux 7.0

redhat enterprise linux server 7.0

redhat enterprise linux for power little endian 7.0

redhat enterprise linux for power big endian 7.0

redhat enterprise linux for ibm z systems 7.0

redhat enterprise linux 8.0

redhat enterprise linux server tus 8.2

redhat enterprise linux server aus 8.2

redhat enterprise linux server tus 8.4

redhat enterprise linux server aus 8.4

redhat enterprise linux for power little endian 8.0

redhat enterprise linux for ibm z systems 8.0

redhat enterprise linux server for power little endian update services for sap solutions 8.1

redhat enterprise linux server for power little endian update services for sap solutions 8.2

redhat enterprise linux server for power little endian update services for sap solutions 8.4

redhat enterprise linux server for power little endian update services for sap solutions 8.6

redhat enterprise linux for ibm z systems eus 8.6

redhat enterprise linux server tus 8.6

redhat enterprise linux eus 8.6

redhat enterprise linux for power little endian eus 8.6

redhat enterprise linux 9.0

redhat enterprise linux server for power little endian update services for sap solutions 9.0

redhat enterprise linux for power little endian 9.0

redhat enterprise linux eus 9.0

redhat enterprise linux aus 8.6

redhat enterprise linux for ibm z systems 9.0

redhat enterprise linux for ibm z systems eus 9.0

redhat enterprise linux server tus 8.8

redhat enterprise linux eus 8.8

redhat enterprise linux server aus 9.2

redhat enterprise linux eus 9.2

redhat enterprise linux for ibm z systems eus 9.2

redhat enterprise linux for power little endian eus 9.2

redhat enterprise linux for arm 64 eus 9.2

redhat enterprise linux server update services for sap solutions 9.2

redhat enterprise linux server for power little endian update services for sap solutions 9.2

redhat enterprise linux for arm 64 eus 8.6

redhat enterprise linux for arm 64 eus 8.8

redhat enterprise linux for arm 64 8.0

redhat enterprise linux for arm 64 eus 9.0

redhat enterprise linux for ibm z systems eus 8.8

redhat enterprise linux server for power little endian update services for sap solutions 8.8

redhat enterprise linux for power little endian eus 8.8

redhat enterprise linux update services for sap solutions 8.4

redhat enterprise linux update services for sap solutions 8.1

redhat enterprise linux update services for sap solutions 8.2

redhat enterprise linux update services for sap solutions 8.6

redhat enterprise linux update services for sap solutions 8.8

Vendor Advisories

Synopsis: Important: insights-client security update. Severity: Important. Topic: An update for insights-client is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this upd ...
Synopsis: Important: insights-client security update. Severity: Important. Topic: An update for insights-client is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product S ...
Synopsis: Important: insights-client security update. Severity: Important. Topic: An update for insights-client is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterpri ...
Synopsis: Important: insights-client security update. Severity: Important. Topic: An update for insights-client is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this upd ...