COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2021-3560

CVE-2021-3560

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2023-05-12
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-3560
⌖ exploited in the wild shame 50/100 exploited-in-wild

Red Hat Polkit contains an incorrect authorization vulnerability through the bypassing of credential checks for D-Bus requests, allowing for privilege escalation.

Players implicated

Red Hat · vendorPolkit · product

Description

Red Hat Polkit contains an incorrect authorization vulnerability through the bypassing of credential checks for D-Bus requests, allowing for privilege escalation.

Affected FedRAMP products 1 in the catalog

ProductProviderStatusMatch
Red Hat OpenShift Service on AWS (ROSA) Red Hat In Process vendor-exact · 0.90