CVE-2021-3560
Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
Vulnerability Description
It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Affected Platforms (CPE)
📦
Polkit Project
Polkit
< 0.119💻
Debian
Debian Linux
= 11.0💻
Canonical
Ubuntu Linux
= 20.04📦
Redhat
Virtualization
= 4.0📦
Redhat
Virtualization Host
= 4.0📦
Redhat