Skip to main content

Red Hat Enterprise Linux 10 CVE-2026-4948

| EUVD-2026-16557 MEDIUM
Incorrect Execution-Assigned Permissions (CWE-279)
2026-03-27 redhat
Authentication Bypass Red Hat Enterprise Linux 10 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 9 Red Hat Openshift Container Platform 4
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
SUSE
MEDIUM
qualitative
Red Hat
5.5 MEDIUM
qualitative

Primary rating from NVD.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
High
Availability
None

Lifecycle Timeline

4
Patch released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 27, 2026 - 06:00 euvd
EUVD-2026-16557
Analysis Generated
Mar 27, 2026 - 06:00 vuln.today
CVE Published
Mar 27, 2026 - 05:30 nvd
MEDIUM 5.5

DescriptionCVE.org

A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper authentication, leading to unauthorized changes in network security configurations.

AnalysisAI

Firewalld on Red Hat Enterprise Linux 7, 8, 9, and 10, as well as OpenShift Container Platform 4, contains an authentication bypass vulnerability in two D-Bus setters (setZoneSettings2 and setPolicySettings) that allows local unprivileged users to modify runtime firewall configurations without proper authorization. An authenticated local attacker can exploit this to change network security policies, potentially enabling lateral movement or service disruption. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts
Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment The CVSS 3.1 base score of 5.5 (vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N) indicates a medium-severity integrity-focused vulnerability with low attack complexity, requiring only local access and low-level user privileges. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unprivileged local user on a Red Hat Enterprise Linux 8 system (e.g., a service account or containerized workload) invokes the setZoneSettings2 or setPolicySettings D-Bus method to open inbound ports or disable firewall rules protecting sensitive internal services. Because the D-Bus authorization policy lacks proper access control checks, the call succeeds despite the caller lacking firewall administration rights. …
Remediation Apply the security update provided by Red Hat for firewalld across all affected Red Hat Enterprise Linux systems (7, 8, 9, 10) and OpenShift Container Platform 4.x deployments. … Detailed patch versions, workarounds, and compensating controls in full report.
Sign in to read full assessment

Recommended ActionAI

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

More from same product – last 7 days

CVE-2026-11788 HIGH
7.5 Jun 09

Remote denial of service in 389 Directory Server (Red Hat Directory Server 11/12/13 and Red Hat Enterprise Linux 6 throu
CVE-2026-48914 MEDIUM
6.7 Jun 12

Out-of-bounds heap write in QEMU's virtio-blk device allows a high-privileged guest to crash the host QEMU process. The

CVE-2026-11789 MEDIUM
6.5 Jun 09

Denial-of-service in Red Hat's 389 Directory Server allows a highly privileged network attacker to crash the LDAP servic
CVE-2026-11786 MEDIUM
6.5 Jun 09

Out-of-bounds read in 389 Directory Server's LDIF parser exposes limited heap memory to a highly privileged local attack
CVE-2026-11611 MEDIUM
6.5 Jun 08

Denial of service in Red Hat 389 Directory Server's Content Synchronization persistent search plugin enables authenticat

Vendor StatusVendor

SUSE

Severity: Medium
Product Status
SUSE Linux Enterprise Desktop 15 SP7 Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Fixed
SUSE Linux Enterprise Micro 5.2 Fixed
SUSE Linux Enterprise Micro 5.3 Fixed
SUSE Linux Enterprise Micro 5.4 Fixed

Share

CVE-2026-4948 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy