First published: Fri Jul 07 2023(Updated: )
Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed hawk2 package allows users with access to the hacluster to escalate to root This issue affects openSUSE Tumbleweed.
Credit: meissner@suse.de meissner@suse.de
Affected Software | Affected Version | How to fix |
---|---|---|
openSUSE Tumbleweed |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-32183 is an Incorrect Default Permissions vulnerability found in the openSUSE Tumbleweed hawk2 package.
Users of openSUSE Tumbleweed with access to the hacluster group are affected by CVE-2023-32183.
The severity of CVE-2023-32183 is rated as high with a CVSS score of 7.8.
By exploiting the Incorrect Default Permissions vulnerability, an attacker with access to the hacluster group can escalate privileges to root.
Yes, it is recommended to update the openSUSE Tumbleweed hawk2 package to the latest version, which includes the fix for CVE-2023-32183.