Fixed Intel

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Jun 2, 2023

CVE-2021-3560

High
EPSS 12.4%CISA KEV
Red Hat/Polkit

Description

Red Hat Polkit contains an incorrect authorization vulnerability through the bypassing of credential checks for D-Bus requests, allowing for privilege escalation.

EPSS — Exploit Probability

12.4%

Higher than 93.8% of all CVEs

Required Action

https://bugzilla.redhat.com/show_bug.cgi?id=1961710; https://nvd.nist.gov/vuln/detail/CVE-2021-3560

Risk Assessment

ELEVATED
In CISA KEV

Details

Severity
High
EPSS
12.4%
CISA KEV
Yes
Ransomware
Unknown
Articles
0

Timeline

Published

May 12, 2023

Added to KEV

May 12, 2023

Remediation Due

Jun 2, 2023

Affected Product

Red Hat

Polkit

View all Red Hat CVEs

External Links

NVD (NIST)CVE DetailsMITRE CVE