CVE-2021-4034

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

CVSS v3 7.8 HIGH
CVSS v2.0 7.2 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html	Exploit Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html	Third Party Advisory VDB Entry
https://access.redhat.com/security/vulnerabilities/RHSB-2022-001	Mitigation Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2025869	Issue Tracking Patch
https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf	Third Party Advisory
https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683	Patch
https://www.oracle.com/security-alerts/cpuapr2022.html	Patch Third Party Advisory
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt	Exploit Mitigation Third Party Advisory
https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/	Exploit Third Party Advisory
https://www.starwindsoftware.com/security/sw-20220818-0001/	Third Party Advisory
https://www.suse.com/support/kb/doc/?id=000020564	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:polkit_project:polkit:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:::::::*
	cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:21.10:::::::*

Configuration 4 (hide)

OR	cpe:2.3:a:suse:enterprise_storage:7.0:::::::*
	cpe:2.3:a:suse:linux_enterprise_high_performance_computing:15.0:sp2:::-:::*
	cpe:2.3:a:suse:manager_proxy:4.1:::::::*
	cpe:2.3:a:suse:manager_server:4.1:::::::*
	cpe:2.3:o:suse:linux_enterprise_desktop:15:sp2::::::
	cpe:2.3:o:suse:linux_enterprise_server:15:sp2::::-::*
	cpe:2.3:o:suse:linux_enterprise_server:15:sp2::::sap::*
	cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp5::::::

Configuration 5 (hide)

OR	cpe:2.3:a:oracle:http_server:12.2.1.3.0:::::::*
	cpe:2.3:a:oracle:http_server:12.2.1.4.0:::::::*
	cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*

Configuration 6 (hide)

cpe:2.3:a:siemens:sinumerik_edge:*:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*

Configuration 8 (hide)

OR	cpe:2.3:a:starwindsoftware:command_center:1.0:update3_build5871::::::
	cpe:2.3:a:starwindsoftware:starwind_hyperconverged_appliance:-:::::::*
	cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build14338::::::

History

No history.

Information

Published : 2022-01-28 20:15

Updated : 2024-06-28 14:14

NVD link : CVE-2021-4034

Mitre link : CVE-2021-4034

CVE.ORG link : CVE-2021-4034

JSON object : View

Products Affected

suse

linux_enterprise_desktop
linux_enterprise_high_performance_computing
manager_proxy
linux_enterprise_workstation_extension
linux_enterprise_server
enterprise_storage
manager_server

redhat

enterprise_linux_desktop
enterprise_linux_eus
enterprise_linux_for_power_little_endian_eus
enterprise_linux_server_tus
enterprise_linux_for_ibm_z_systems
enterprise_linux_server_aus
enterprise_linux_for_scientific_computing
enterprise_linux_server
enterprise_linux
enterprise_linux_server_update_services_for_sap_solutions
enterprise_linux_workstation
enterprise_linux_for_power_big_endian
enterprise_linux_for_ibm_z_systems_eus
enterprise_linux_server_eus
enterprise_linux_for_power_little_endian

siemens

sinumerik_edge
scalance_lpe9403
scalance_lpe9403_firmware

polkit_project

polkit

oracle

http_server
zfs_storage_appliance_kit

starwindsoftware

command_center
starwind_virtual_san
starwind_hyperconverged_appliance

canonical

ubuntu_linux

CWE

CWE-125

Out-of-bounds Read

CWE-787

Out-of-bounds Write

{"id": "CVE-2021-4034", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2022-01-28T20:15:12.193", "references": [{"url": "http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert@redhat.com"}, {"url": "https://access.redhat.com/security/vulnerabilities/RHSB-2022-001", "tags": ["Mitigation", "Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2025869", "tags": ["Issue Tracking", "Patch"], "source": "secalert@redhat.com"}, {"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683", "tags": ["Patch"], "source": "secalert@redhat.com"}, {"url": "https://www.oracle.com/security-alerts/cpuapr2022.html", "tags": ["Patch", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/", "tags": ["Exploit", "Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.starwindsoftware.com/security/sw-20220818-0001/", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}, {"url": "https://www.suse.com/support/kb/doc/?id=000020564", "tags": ["Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-125"}, {"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad de escalada de privilegios local en la utilidad pkexec de polkit. La aplicaci\u00f3n pkexec es una herramienta setuid dise\u00f1ada para permitir a usuarios sin privilegios ejecutar comandos como usuarios privilegiados de acuerdo con pol\u00edticas predefinidas. La versi\u00f3n actual de pkexec no maneja correctamente el recuento de par\u00e1metros de llamada y termina intentando ejecutar variables de entorno como comandos. Un atacante puede aprovechar esto creando variables de entorno de tal manera que induzcan a pkexec a ejecutar c\u00f3digo arbitrario. Cuando se ejecuta con \u00e9xito, el ataque puede provocar una escalada de privilegios locales otorgando a los usuarios sin privilegios derechos administrativos en la m\u00e1quina de destino."}], "lastModified": "2024-06-28T14:14:04.403", "cisaActionDue": "2022-07-18", "cisaExploitAdd": "2022-06-27", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:polkit_project:polkit:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F01D94C9-1E04-413B-8636-1AAC6D9E84D6", "versionEndExcluding": "121"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB70A2F8-EAB3-4898-9353-F679FF721C82"}, {"criteria": "cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB3AC848-C2D0-4878-8619-F5815173555D"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "831F0F47-3565-4763-B16F-C87B1FF2035E"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "566507B6-AC95-47F7-A3FB-C6F414E45F51"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "87C21FE1-EA5C-498F-9C6C-D05F91A88217"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AB105EC-19F9-424A-86F1-305A6FD74A9C"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C9BD9AE-46FC-4609-8D99-A3CFE91D58D1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CDCFF34-6F1D-45A1-BE37-6A0E17B04801"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B4A684C7-88FD-43C4-9BDB-AE337FCBD0AB"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47811209-5CE5-4375-8391-B0A7F6A0E420"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8EB6F417-25D0-4A28-B7BA-D21929EAA9E9"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5C80DB2-4A78-4EC9-B2A8-1E4D902C4834"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "983533DD-3970-4A37-9A9C-582BD48AA1E5"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37CE1DC7-72C5-483C-8921-0B462C8284D1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98381E61-F082-4302-B51F-5648884F998B"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7431ABC1-9252-419E-8CC1-311B41360078"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6897676D-53F9-45B3-B27F-7FF9A4C58D33"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E28F226A-CBC7-4A32-BE58-398FA5B42481"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "61917784-47F1-4328-BA1F-A88C5E23496B"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B09ACF2D-D83F-4A86-8185-9569605D8EE1"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AC10D919-57FD-4725-B8D2-39ECB476902F"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48C2E003-A71C-4D06-B8B3-F93160568182"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3921C1CF-A16D-4727-99AD-03EFFA7C91CA"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC6DD887-9744-43EA-8B3C-44C6B6339590"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "vulnerable": true, "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "vulnerable": true, "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAE4D2D0-CEEB-416F-8BC5-A7987DF56190"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7305944-AC9C-47A3-AADF-71A8B24830D1"}, {"criteria": "cpe:2.3:a:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "CDFEA8DC-7D78-4ACD-A95C-9408F45EEAE7"}, {"criteria": "cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9910C73A-3BCD-4F56-8C7D-79CB289640A2"}, {"criteria": "cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5810E98-7BF5-42E2-9DE9-661049ABE367"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:15:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8C4F62C0-4188-433A-8292-559025CA23C0"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:-:*:*", "vulnerable": true, "matchCriteriaId": "07D416C5-4A0F-4EF3-A3DE-A028AAA4F739"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:sap:*:*", "vulnerable": true, "matchCriteriaId": "F6C1736B-0505-4C19-98B7-90C8359F3BCD"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "243B9B56-C744-4C1C-B42E-158C1B041B6A"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43"}, {"criteria": "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AD04BEE5-E9A8-4584-A68C-0195CE9C402C"}, {"criteria": "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:siemens:sinumerik_edge:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D069EA07-88A5-4058-A2BC-44F94D9ACC9A", "versionEndExcluding": "3.3.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FC41AD4-69E5-48D8-8216-671F485C3C40", "versionEndExcluding": "2.0"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "52A77C9D-E59C-4397-B834-797D7B334A6B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:starwindsoftware:command_center:1.0:update3_build5871:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B323EF31-7A67-4458-8323-86F8AA58268C"}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_hyperconverged_appliance:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F2F0335-AFED-4562-9CC2-F1788C9D0BB4"}, {"criteria": "cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build14338:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14AF427F-BC75-40C7-9579-34A74E2E475D"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Red Hat Polkit Out-of-Bounds Read and Write Vulnerability"}

7.8 /10