6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
PolicyKit 0.103 sets the AdminIdentities to “wheel” by default, which
allows local users in the wheel group to gain root privileges without
authentication.
Author | Note |
---|---|
tyhicks | Change introduced in upstream PolicyKit version 0.103 The Debian package reverts the patch |