Privilege escalation issue in subscription-manager due to world-readable private key in /etc/pki/consumer/bundle.pem
Issue
- Privilege escalation issue in subscription-manager due to world-readable private key in
/etc/pki/consumer/bundle.pem
which can lead to non-privilege users using the file to make admin type calls to the Satellite API for the consumer.
Environment
- Red Hat Enterprise Linux Server 7.9.
- Red Hat Satellite 6.x.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.