Skip to main content

Red Hat Enterprise Linux 10 CVE-2026-4105

| EUVD-2026-11774 MEDIUM
Improper Access Control (CWE-284)
2026-03-13 redhat
Authentication Bypass Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 Red Hat Openshift Container Platform 4
6.7
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
6.7 MEDIUM
AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
SUSE
MEDIUM
qualitative
Red Hat
6.7 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

4
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 13, 2026 - 09:29 euvd
EUVD-2026-11774
Analysis Generated
Mar 13, 2026 - 09:29 vuln.today
CVE Published
Mar 13, 2026 - 08:52 nvd
MEDIUM 6.7

DescriptionCVE.org

A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.

AnalysisAI

High severity vulnerability in systemd. A flaw was found in systemd. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment Severity: High (7.8/10.0) No EPSS data available yet Local attack vector — requires local access or user interaction to exploit Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with local access to the system can exploit this vulnerability.
Remediation Monitor redhat for patches and updates. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-11788 HIGH
7.5 Jun 09

Remote denial of service in 389 Directory Server (Red Hat Directory Server 11/12/13 and Red Hat Enterprise Linux 6 throu
CVE-2026-48914 MEDIUM
6.7 Jun 12

Out-of-bounds heap write in QEMU's virtio-blk device allows a high-privileged guest to crash the host QEMU process. The

CVE-2026-11789 MEDIUM
6.5 Jun 09

Denial-of-service in Red Hat's 389 Directory Server allows a highly privileged network attacker to crash the LDAP servic
CVE-2026-11786 MEDIUM
6.5 Jun 09

Out-of-bounds read in 389 Directory Server's LDIF parser exposes limited heap memory to a highly privileged local attack
CVE-2026-11611 MEDIUM
6.5 Jun 08

Denial of service in Red Hat 389 Directory Server's Content Synchronization persistent search plugin enables authenticat

Vendor StatusVendor

Debian

systemd
Release Status Fixed Version Urgency
bullseye vulnerable 247.3-7+deb11u5 -
bullseye (security) vulnerable 247.3-7+deb11u7 -
bookworm vulnerable 252.39-1~deb12u1 -
bookworm (security) vulnerable 252.38-1~deb12u1 -
trixie vulnerable 257.9-1~deb13u1 -
forky vulnerable 260~rc2-1 -
sid fixed 260~rc3-1 -
(unstable) fixed 260~rc3-1 -

SUSE

Severity: Medium
Product Status
Container suse/ltss/sle12.5/sles12sp5:8.5.213 Affected
Container suse/manager/4.3/proxy-httpd:4.3.17.9.76.3 Affected
Container suse/manager/4.3/proxy-salt-broker:4.3.17.9.66.3 Container suse/manager/4.3/proxy-ssh:4.3.17.9.66.3 Affected
Container suse/manager/5.0/x86_64/proxy-httpd:latest Container suse/manager/5.0/x86_64/server-hub-xmlrpc-api:latest Affected
Container suse/manager/5.0/x86_64/proxy-ssh:latest Container suse/manager/5.0/x86_64/server-attestation:latest Container suse/manager/5.0/x86_64/server-migration-14-16:latest Affected

Share

CVE-2026-4105 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy