QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2023-3972

Back to search

CVE-2023-3972

Published: Nov 1, 2023

Modified: Apr 6, 2026

PUBLISHED

CVSS v3.1

7.8

HIGH

Description

A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide).

VendorProductVersions

Red Hat

Red Hat Enterprise Linux 7

unaffected
0:3.1.9-1.el7_9 - < *

Red Hat

Red Hat Enterprise Linux 8

unaffected
0:3.2.2-1.el8_8 - < *

Red Hat

Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions

unaffected
0:3.2.3-1.el8_1 - < *

Red Hat

Red Hat Enterprise Linux 8.2 Advanced Update Support

unaffected
0:3.2.3-1.el8_2 - < *

Red Hat

Red Hat Enterprise Linux 8.2 Telecommunications Update Service

unaffected
0:3.2.3-1.el8_2 - < *

Red Hat

Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions

unaffected
0:3.2.3-1.el8_2 - < *

Red Hat

Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support

unaffected
0:3.2.3-1.el8_4 - < *

Red Hat

Red Hat Enterprise Linux 8.4 Telecommunications Update Service

unaffected
0:3.2.3-1.el8_4 - < *

Red Hat

Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions

unaffected
0:3.2.3-1.el8_4 - < *

Red Hat

Red Hat Enterprise Linux 8.6 Extended Update Support

unaffected
0:3.2.2-1.el8_6 - < *

Red Hat

Red Hat Enterprise Linux 9

unaffected
0:3.2.2-1.el9_2 - < *

Red Hat

Red Hat Enterprise Linux 9.0 Extended Update Support

unaffected
0:3.2.2-1.el9_0 - < *

Red Hat

Red Hat Enterprise Linux 6

All versions

Weaknesses (CWE)

CWE-379

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

References

RHSA-2023:6264
vendor-advisory
x_refsource_REDHAT
RHSA-2023:6282
vendor-advisory
x_refsource_REDHAT
RHSA-2023:6283
vendor-advisory
x_refsource_REDHAT
RHSA-2023:6284
vendor-advisory
x_refsource_REDHAT
RHSA-2023:6795
vendor-advisory
x_refsource_REDHAT
RHSA-2023:6796
vendor-advisory
x_refsource_REDHAT
RHSA-2023:6798
vendor-advisory
x_refsource_REDHAT
RHSA-2023:6811
vendor-advisory
x_refsource_REDHAT
RHBZ#2227027
issue-tracking
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now