CVE-2021-3560

Warning

Exploit

EPSS 13.22%
Published 16.02.2022 19:15:08
Last modified 03.04.2025 16:08:28
Source secalert@redhat.com
Teams watchlist Login
Open Login

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Affected products Warnungen 1 Metrics 4 CWE 2 References 7

Data is provided by the National Vulnerability Database (NVD)

Polkit Project ≫ Polkit Version < 0.119

Debian ≫ Debian Linux Version11.0

Canonical ≫ Ubuntu Linux Version20.04

Redhat ≫ Virtualization Version4.0

Redhat ≫ Enterprise Linux Version8.0

Redhat ≫ Virtualization Host Version4.0

Redhat ≫ Enterprise Linux Version8.0

Redhat ≫ Openshift Container Platform Version4.7

Redhat ≫ Enterprise Linux Version7.0
Redhat ≫ Enterprise Linux Version8.0

12.05.2023: CISA Known Exploited Vulnerabilities (KEV) Catalog

Red Hat Polkit Incorrect Authorization Vulnerability

Vulnerability

Red Hat Polkit contains an incorrect authorization vulnerability through the bypassing of credential checks for D-Bus requests, allowing for privilege escalation.

Description

Apply updates per vendor instructions.

Required actions

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	13.22%	0.939

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-754 Improper Check for Unusual or Exceptional Conditions

The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

http://packetstormsecurity.com/files/172836/polkit-Authentication-Bypass.html

Third Party Advisory

VDB Entry

http://packetstormsecurity.com/files/172846/Facebook-Fizz-Denial-Of-Service.html

Third Party Advisory

VDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=1961710

Patch

Vendor Advisory

Issue Tracking

https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2021-3560

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-3560

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-3560

EUVD