{"id":"CVE-2017-2663","details":"It was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local attacker could use these methods to gain access to private information, or launch a privilege escalation attack.","modified":"2026-04-10T03:59:15.915915Z","published":"2018-07-27T20:29:00.577Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97015"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2663"},{"type":"FIX","url":"https://github.com/candlepin/subscription-manager/commit/2aa48ef65"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/candlepin/subscription-manager","events":[{"introduced":"0"},{"fixed":"f026fec6636698e19de289eeae593006b1ddf82b"},{"fixed":"2aa48ef65"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"1.19.4"}]}}],"versions":["python-rhsm-1.19.2-1","subscription-manager-0.96.2-1","subscription-manager-0.96.4-1","subscription-manager-0.96.6-1","subscription-manager-0.96.7-1","subscription-manager-0.96.9-1","subscription-manager-0.97.1-1","subscription-manager-0.97.2-1","subscription-manager-0.98.2-1","subscription-manager-0.98.6-1","subscription-manager-0.98.7-1","subscription-manager-0.98.8-1","subscription-manager-0.99.10-1","subscription-manager-0.99.11-1","subscription-manager-0.99.12-1","subscription-manager-0.99.13-1","subscription-manager-0.99.2-1","subscription-manager-0.99.3-1","subscription-manager-0.99.4-1","subscription-manager-0.99.5-1","subscription-manager-0.99.6-1","subscription-manager-0.99.7-1","subscription-manager-0.99.8-1","subscription-manager-0.99.9-1","subscription-manager-1.0.10-1","subscription-manager-1.0.11-1","subscription-manager-1.0.12-1","subscription-manager-1.0.13-1","subscription-manager-1.0.14-1","subscription-manager-1.0.15-1","subscription-manager-1.0.16-1","subscription-manager-1.0.17-1","subscription-manager-1.0.2-1","subscription-manager-1.0.4-1","subscription-manager-1.0.5-1","subscription-manager-1.0.6-1","subscription-manager-1.0.7-1","subscription-manager-1.0.8-1","subscription-manager-1.0.9-1","subscription-manager-1.1.1-1","subscription-manager-1.1.10-1","subscription-manager-1.1.2-1","subscription-manager-1.1.3-1","subscription-manager-1.1.4-1","subscription-manager-1.1.5-1","subscription-manager-1.1.6-1","subscription-manager-1.1.8-1","subscription-manager-1.1.9-1","subscription-manager-1.10.1-1","subscription-manager-1.10.10-1","subscription-manager-1.10.11-1","subscription-manager-1.10.13-1","subscription-manager-1.10.14-1","subscription-manager-1.10.2-1","subscription-manager-1.10.3-1","subscription-manager-1.10.4-1","subscription-manager-1.10.5-1","subscription-manager-1.10.6-1","subscription-manager-1.10.7-1","subscription-manager-1.10.8-1","subscription-manager-1.10.9-1","subscription-manager-1.11.1-1","subscription-manager-1.11.2-1","subscription-manager-1.11.3-1","subscription-manager-1.11.4-1","subscription-manager-1.11.5-1","subscription-manager-1.11.6-1","subscription-manager-1.11.7-1","subscription-manager-1.12.1-1","subscription-manager-1.12.10-1","subscription-manager-1.12.11-1","subscription-manager-1.12.12-1","subscription-manager-1.12.13-1","subscription-manager-1.12.14-1","subscription-manager-1.12.2-1","subscription-manager-1.12.3-1","subscription-manager-1.12.4-1","subscription-manager-1.12.5-1","subscription-manager-1.12.6-1","subscription-manager-1.12.7-1","subscription-manager-1.12.8-1","subscription-manager-1.12.9-1","subscription-manager-1.13.1-1","subscription-manager-1.13.10-1","subscription-manager-1.13.11-1","subscription-manager-1.13.12-1","subscription-manager-1.13.13-1","subscription-manager-1.13.2-1","subscription-manager-1.13.3-1","subscription-manager-1.13.4-1","subscription-manager-1.13.5-1","subscription-manager-1.13.6-1","subscription-manager-1.13.7-1","subscription-manager-1.13.8-1","subscription-manager-1.13.9-1","subscription-manager-1.14.1-1","subscription-manager-1.14.2-1","subscription-manager-1.14.3-1","subscription-manager-1.14.4-1","subscription-manager-1.14.5-1","subscription-manager-1.14.6-1","subscription-manager-1.14.7-1","subscription-manager-1.14.8-1","subscription-manager-1.14.9-1","subscription-manager-1.15.1-1","subscription-manager-1.15.2-1","subscription-manager-1.15.3-1","subscription-manager-1.15.4-1","subscription-manager-1.15.5-1","subscription-manager-1.15.6-1","subscription-manager-1.15.7-1","subscription-manager-1.16.0-1","subscription-manager-1.16.1-1","subscription-manager-1.16.2-1","subscription-manager-1.16.3-1","subscription-manager-1.16.4-1","subscription-manager-1.16.5-1","subscription-manager-1.16.6-1","subscription-manager-1.16.7-1","subscription-manager-1.16.8-1","subscription-manager-1.17.1-1","subscription-manager-1.17.2-1","subscription-manager-1.17.3-1","subscription-manager-1.17.4-1","subscription-manager-1.17.5-1","subscription-manager-1.17.6-1","subscription-manager-1.17.7-1","subscription-manager-1.17.8-1","subscription-manager-1.17.9-1","subscription-manager-1.18.1-1","subscription-manager-1.18.2-1","subscription-manager-1.18.3-1","subscription-manager-1.18.4-1","subscription-manager-1.18.5-1","subscription-manager-1.18.6-1","subscription-manager-1.19.0-1","subscription-manager-1.19.1-1","subscription-manager-1.19.2-1","subscription-manager-1.19.3-1","subscription-manager-1.8.0-1","subscription-manager-1.8.1-1","subscription-manager-1.8.10-1","subscription-manager-1.8.11-1","subscription-manager-1.8.12-1","subscription-manager-1.8.13-1","subscription-manager-1.8.2-1","subscription-manager-1.8.3-1","subscription-manager-1.8.5-1","subscription-manager-1.8.6-1","subscription-manager-1.8.8-1","subscription-manager-1.8.9-1","subscription-manager-1.9.1-1","subscription-manager-1.9.2-1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-2663.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}