7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Red Hat Universal Base Image Minimal UBI Publicly disclosed vulnerability, the ubi8 containers that the MAS Core team maintains will all be rebuilt using the latest ubi8 version that is available.
CVEID:CVE-2023-3899
**DESCRIPTION:**Red Hat Enterprise Linux could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper authorization by the subscription-manager. By sending a specially crafted request through D-Bus interface com.redhat.RHSM1, an authenticated attacker could exploit this vulnerability to gain elevated privileges to an unconfined root.
CVSS Base score: 7.8
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/264328 for the current score.
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
Affected Product(s) | Version(s) |
---|---|
IBM Maximo Application Suite - Predict Component | 8.9 |
Affected Product(s) | Version(s) |
---|---|
IBM Maximo Application Suite - Predict Component |
ibm-mas-predict.v9.0
ibm-mas-health.v9.0
ibm-mas-health.v8.11.x
ibm-mas-predict.v8.9.x
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm maximo application suite - predict component | eq | 8.9 |
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
6.3 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%