CVE-2023-32183

HIGH

openSUSE Tumbleweed hawk2 - Privilege Escalation via Incorrect Default Permissions

Title source: llm
STIX 2.1

Description

Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed hawk2 package allows users with access to the hacluster to escalate to root This issue affects openSUSE Tumbleweed.

References (1)

Core 1
Core References
Exploit, Issue Tracking, Vendor Advisory
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32183

Scores

CVSS v3 7.8
EPSS 0.0007
EPSS Percentile 21.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-276
Status published
Products (1)
opensuse/tumbleweed
Published Jul 07, 2023
Tracked Since Feb 18, 2026