Informazioni sul CVE-2023-3972
Insights-client: unsafe handling of temporary files and directories
CWE ID: CWE-379
Base Score (CVSS): N/A
CVE: CVE-2023-3972
Descrizione: A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide).
Vettore di attacco CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Punteggio CVSS
Il CVSS è un sistema di valutazione che misura la gravità di una vulnerabilità informatica considerando fattori come l’impatto potenziale, la probabilità di attacco e la facilità di esecuzione.
Riassunto: Accesso: Local, Privilegi: Low, Interazione utente: None, Confidenzialità: High, Integrità: High, Disponibilità: High.
Dettaglio del Vettore
| Metrica | Valore | Significato | Descrizione |
|---|---|---|---|
| Attack Vector (AV) | L | Local | L’attaccante deve avere accesso locale al sistema. |
| Attack Complexity (AC) | L | Low | L’attacco non richiede condizioni particolari. |
| Privileges Required (PR) | L | Low | Richiede pochi privilegi. |
| User Interaction (UI) | N | None | Non è richiesta interazione dell’utente. |
| Scope (S) | U | Unchanged | Il raggio d’azione non cambia. |
| Confidentiality Impact (C) | H | High | Grave impatto sulla riservatezza. |
| Integrity Impact (I) | H | High | Grave impatto sull’integrità. |
| Availability Impact (A) | H | High | Rende il sistema inutilizzabile. |
Riferimenti esterni
- https://access.redhat.com/errata/RHSA-2023:6264
- https://access.redhat.com/errata/RHSA-2023:6282
- https://access.redhat.com/errata/RHSA-2023:6283
- https://access.redhat.com/errata/RHSA-2023:6284
- https://access.redhat.com/errata/RHSA-2023:6795
- https://access.redhat.com/errata/RHSA-2023:6796
- https://access.redhat.com/errata/RHSA-2023:6798
- https://access.redhat.com/errata/RHSA-2023:6811
- https://access.redhat.com/security/cve/CVE-2023-3972
- https://bugzilla.redhat.com/show_bug.cgi?id=2227027
- https://github.com/RedHatInsights/insights-core/pull/3878
Prodotti interessati
- Red Hat – Red Hat Enterprise Linux 7
- Red Hat – Red Hat Enterprise Linux 8
- Red Hat – Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
- Red Hat – Red Hat Enterprise Linux 8.2 Advanced Update Support
- Red Hat – Red Hat Enterprise Linux 8.2 Telecommunications Update Service
- Red Hat – Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
- Red Hat – Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
- Red Hat – Red Hat Enterprise Linux 8.4 Telecommunications Update Service
- Red Hat – Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
- Red Hat – Red Hat Enterprise Linux 8.6 Extended Update Support
- Red Hat – Red Hat Enterprise Linux 9
- Red Hat – Red Hat Enterprise Linux 9.0 Extended Update Support
- Red Hat – Red Hat Enterprise Linux 6
Relazioni con altri prodotti
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 7
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 8
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 9
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 6
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 8.6 Extended Update Support
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 8.2 Advanced Update Support
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 8.2 Telecommunications Update Service
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 8.4 Telecommunications Update Service
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 9.0 Extended Update Support
Anno: 2023
CWE: CWE-379
CVSS: 0.0
Produttore:Red Hat
Prodotto: Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions
Anno: 2023
CWE: CWE-379
CVSS: 0.0