(RHSA-2023:4705) Important: subscription-manager security update

2023-08-2215:30:59

access.redhat.com

red hat entitlement platform

subscriptions

yum repositories

local users

configuration modification

cve-2023-3899

security update

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform.

Security Fix(es):

subscription-manager: inadequate authorization of com.redhat.RHSM1 D-Bus interface allows local users to modify configuration (CVE-2023-3899)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat8aarch64subscription-manager-rhsm-certificates< 1.28.29.1-2.el8_6subscription-manager-rhsm-certificates-1.28.29.1-2.el8_6.aarch64.rpm
RedHat8s390xdnf-plugin-subscription-manager< 1.28.29.1-2.el8_6dnf-plugin-subscription-manager-1.28.29.1-2.el8_6.s390x.rpm
RedHat8aarch64python3-subscription-manager-rhsm< 1.28.29.1-2.el8_6python3-subscription-manager-rhsm-1.28.29.1-2.el8_6.aarch64.rpm
RedHat8s390xpython3-cloud-what< 1.28.29.1-2.el8_6python3-cloud-what-1.28.29.1-2.el8_6.s390x.rpm
RedHat8s390xdnf-plugin-subscription-manager-debuginfo< 1.28.29.1-2.el8_6dnf-plugin-subscription-manager-debuginfo-1.28.29.1-2.el8_6.s390x.rpm
RedHat8s390xpython3-syspurpose< 1.28.29.1-2.el8_6python3-syspurpose-1.28.29.1-2.el8_6.s390x.rpm
RedHat8noarchrhsm-icons< 1.28.29.1-2.el8_6rhsm-icons-1.28.29.1-2.el8_6.noarch.rpm
RedHat8s390xpython3-subscription-manager-rhsm-debuginfo< 1.28.29.1-2.el8_6python3-subscription-manager-rhsm-debuginfo-1.28.29.1-2.el8_6.s390x.rpm
RedHat8s390xsubscription-manager-debugsource< 1.28.29.1-2.el8_6subscription-manager-debugsource-1.28.29.1-2.el8_6.s390x.rpm
RedHat8x86_64subscription-manager-migration< 1.28.29.1-2.el8_6subscription-manager-migration-1.28.29.1-2.el8_6.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	8	aarch64	subscription-manager-rhsm-certificates	< 1.28.29.1-2.el8_6	subscription-manager-rhsm-certificates-1.28.29.1-2.el8_6.aarch64.rpm
RedHat	8	s390x	dnf-plugin-subscription-manager	< 1.28.29.1-2.el8_6	dnf-plugin-subscription-manager-1.28.29.1-2.el8_6.s390x.rpm
RedHat	8	aarch64	python3-subscription-manager-rhsm	< 1.28.29.1-2.el8_6	python3-subscription-manager-rhsm-1.28.29.1-2.el8_6.aarch64.rpm
RedHat	8	s390x	python3-cloud-what	< 1.28.29.1-2.el8_6	python3-cloud-what-1.28.29.1-2.el8_6.s390x.rpm
RedHat	8	s390x	dnf-plugin-subscription-manager-debuginfo	< 1.28.29.1-2.el8_6	dnf-plugin-subscription-manager-debuginfo-1.28.29.1-2.el8_6.s390x.rpm
RedHat	8	s390x	python3-syspurpose	< 1.28.29.1-2.el8_6	python3-syspurpose-1.28.29.1-2.el8_6.s390x.rpm
RedHat	8	noarch	rhsm-icons	< 1.28.29.1-2.el8_6	rhsm-icons-1.28.29.1-2.el8_6.noarch.rpm
RedHat	8	s390x	python3-subscription-manager-rhsm-debuginfo	< 1.28.29.1-2.el8_6	python3-subscription-manager-rhsm-debuginfo-1.28.29.1-2.el8_6.s390x.rpm
RedHat	8	s390x	subscription-manager-debugsource	< 1.28.29.1-2.el8_6	subscription-manager-debugsource-1.28.29.1-2.el8_6.s390x.rpm
RedHat	8	x86_64	subscription-manager-migration	< 1.28.29.1-2.el8_6	subscription-manager-migration-1.28.29.1-2.el8_6.x86_64.rpm