Skip to main content

Subscription Manager

2 CVEs product

Monthly

CVE-2023-3899 HIGH This Week

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Red Hat Authentication Bypass Subscription Manager Fedora +18
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2016-4455 LOW PATCH Monitor

The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Privilege Escalation Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Server Enterprise Linux Workstation +1
NVD GitHub
CVSS 3.1
3.3
EPSS
0.0%
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Red Hat Authentication Bypass +20
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

The Subscription Manager package (aka subscription-manager) before 1.17.7-1 for Candlepin uses weak permissions (755) for subscription-manager cache directories, which allows local users to obtain. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Privilege Escalation Enterprise Linux Desktop Enterprise Linux Hpc Node +3
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy