{"api_version":"1","generated_at":"2026-04-22T21:27:17+00:00","cve":"CVE-2021-4034","urls":{"html":"https://cve.report/CVE-2021-4034","api":"https://cve.report/api/cve/CVE-2021-4034.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-4034","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-4034"},"summary":{"title":"CVE-2021-4034","description":"A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.","state":"PUBLIC","assigner":"secalert@redhat.com","published_at":"2022-01-28 20:15:00","updated_at":"2023-11-07 03:40:00"},"problem_types":["CWE-125","CWE-787"],"metrics":[],"references":[{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2025869","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2025869","refsource":"MISC","tags":[],"title":"2025869 – (CVE-2021-4034) CVE-2021-4034 polkit: Local privilege escalation in pkexec due to incorrect handling of argument vector","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:0269","name":"https://access.redhat.com/errata/RHSA-2022:0269","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:0270","name":"https://access.redhat.com/errata/RHSA-2022:0270","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:0443","name":"https://access.redhat.com/errata/RHSA-2022:0443","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:0274","name":"https://access.redhat.com/errata/RHSA-2022:0274","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/vulnerabilities/RHSB-2022-001","name":"https://access.redhat.com/security/vulnerabilities/RHSB-2022-001","refsource":"MISC","tags":[],"title":"RHSB-2022-001 Polkit Privilege Escalation - (CVE-2021-4034) - Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:0268","name":"https://access.redhat.com/errata/RHSA-2022:0268","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:0271","name":"https://access.redhat.com/errata/RHSA-2022:0271","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf","name":"https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf","refsource":"CONFIRM","tags":[],"title":"","mime":"application/pdf","httpstatus":"200","archivestatus":"404"},{"url":"https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/","name":"https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/","refsource":"MISC","tags":[],"title":"PwnKit: Local Privilege Escalation Vulnerability In Major Linux Distributions - SecPod Blog","mime":"text/html","httpstatus":"403","archivestatus":"200"},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","name":"https://www.oracle.com/security-alerts/cpuapr2022.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - April 2022","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html","name":"http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html","refsource":"MISC","tags":[],"title":"Polkit pkexec Local Privilege Escalation  ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html","name":"http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html","refsource":"MISC","tags":[],"title":"Polkit pkexec Privilege Escalation ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2022:0272","name":"https://access.redhat.com/errata/RHSA-2022:0272","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt","name":"https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt","refsource":"MISC","tags":[],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/CVE-2021-4034","name":"https://access.redhat.com/security/cve/CVE-2021-4034","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683","name":"https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683","refsource":"MISC","tags":[],"title":"pkexec: local privilege escalation (CVE-2021-4034) (a2bf5c9c) · Commits · polkit / polkit · GitLab","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2022:0273","name":"https://access.redhat.com/errata/RHSA-2022:0273","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.starwindsoftware.com/security/sw-20220818-0001/","name":"https://www.starwindsoftware.com/security/sw-20220818-0001/","refsource":"MISC","tags":[],"title":"CVE-2021-4034 PolicyKit privilege escalation vulnerability in StarWind products","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://access.redhat.com/errata/RHSA-2022:0265","name":"https://access.redhat.com/errata/RHSA-2022:0265","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:0266","name":"https://access.redhat.com/errata/RHSA-2022:0266","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.suse.com/support/kb/doc/?id=000020564","name":"https://www.suse.com/support/kb/doc/?id=000020564","refsource":"MISC","tags":[],"title":"Security vulnerability: CVE-2021-4034 local root exploit in polkit aka \"pwnkit\" | Support | SUSE","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:0267","name":"https://access.redhat.com/errata/RHSA-2022:0267","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2022:0540","name":"https://access.redhat.com/errata/RHSA-2022:0540","refsource":"MISC","tags":[],"title":"Red Hat Customer Portal - Access to 24x7 support and knowledge","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-4034","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-4034","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"14.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"16.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"esm","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"18.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"20.04","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"lts","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"canonical","cpe5":"ubuntu_linux","cpe6":"21.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"http_server","cpe6":"12.2.1.3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"http_server","cpe6":"12.2.1.4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"zfs_storage_appliance_kit","cpe6":"8.8","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"polkit_project","cpe5":"polkit","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_desktop","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_eus","cpe6":"8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_for_ibm_z_systems","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_for_ibm_z_systems","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_for_ibm_z_systems_eus","cpe6":"8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_for_ibm_z_systems_eus","cpe6":"8.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_for_power_big_endian","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_for_power_little_endian","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_for_power_little_endian","cpe6":"8.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_for_power_little_endian_eus","cpe6":"8.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_for_power_little_endian_eus","cpe6":"8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_for_power_little_endian_eus","cpe6":"8.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_for_scientific_computing","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server","cpe6":"6.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_aus","cpe6":"7.3","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_aus","cpe6":"7.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_aus","cpe6":"7.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_aus","cpe6":"7.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_aus","cpe6":"8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_aus","cpe6":"8.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_eus","cpe6":"8.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_tus","cpe6":"7.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_tus","cpe6":"7.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_tus","cpe6":"8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_tus","cpe6":"8.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"enterprise_linux_server_update_services_for_sap_solutions","cpe6":"7.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"redhat","cpe5":"enterprise_linux_server_update_services_for_sap_solutions","cpe6":"7.7","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_update_services_for_sap_solutions","cpe6":"8.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_update_services_for_sap_solutions","cpe6":"8.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_server_update_services_for_sap_solutions","cpe6":"8.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"redhat","cpe5":"enterprise_linux_workstation","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"-1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"h","cpe4":"siemens","cpe5":"scalance_lpe9403","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"siemens","cpe5":"scalance_lpe9403_firmware","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"siemens","cpe5":"sinumerik_edge","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"starwindsoftware","cpe5":"command_center","cpe6":"1.0","cpe7":"update3_build5871","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"starwindsoftware","cpe5":"starwind_hyperconverged_appliance","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"starwindsoftware","cpe5":"starwind_virtual_san","cpe6":"v8","cpe7":"build14338","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"suse","cpe5":"enterprise_storage","cpe6":"7.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"suse","cpe5":"linux_enterprise_desktop","cpe6":"15","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"suse","cpe5":"linux_enterprise_high_performance_computing","cpe6":"15.0","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"-","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"suse","cpe5":"linux_enterprise_server","cpe6":"15","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"-","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"suse","cpe5":"linux_enterprise_server","cpe6":"15","cpe7":"sp2","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"sap","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"suse","cpe5":"linux_enterprise_workstation_extension","cpe6":"12","cpe7":"sp5","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"suse","cpe5":"manager_proxy","cpe6":"4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2021","cve_id":"4034","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"suse","cpe5":"manager_server","cpe6":"4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":{"cve_year":"2021","cve_id":"4034","cve":"CVE-2021-4034","vendorProject":"Red Hat","product":"Polkit","vulnerabilityName":"Red Hat Polkit Out-of-Bounds Read and Write Vulnerability","dateAdded":"2022-06-27","shortDescription":"The Red Hat polkit pkexec utility contains an out-of-bounds read and write vulnerability that allows for privilege escalation with administrative rights.","requiredAction":"Apply updates per vendor instructions.","dueDate":"2022-07-18","knownRansomwareCampaignUse":"Unknown","notes":"https://nvd.nist.gov/vuln/detail/CVE-2021-4034","cwes":"CWE-787","catalogVersion":"2026.04.22","updated_at":"2026-04-22 20:03:10"},"epss":{"cve_year":"2021","cve_id":"4034","cve":"CVE-2021-4034","epss":"0.880830000","percentile":"0.994880000","score_date":"2026-04-21","updated_at":"2026-04-22 00:07:42"},"legacy_qids":[{"cve":"CVE-2021-4034","qid":"159583","title":"Oracle Enterprise Linux Security Update for polkit (ELSA-2022-0267) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"159584","title":"Oracle Enterprise Linux Security Update for polkit (ELSA-2022-0274) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"159620","title":"Oracle Enterprise Linux Security Update for polkit (ELSA-2022-9073)"},{"cve":"CVE-2021-4034","qid":"179030","title":"Debian Security Update for policykit-1 (DSA 5059-1) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"179040","title":"Debian Security Update for policykit-1 (DLA 2899-1) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"182683","title":"Debian Security Update for policykit-1 (CVE-2021-4034)"},{"cve":"CVE-2021-4034","qid":"198645","title":"Ubuntu Security Notification for PolicyKit Vulnerability (USN-5252-1) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"240028","title":"Red Hat Update for polkit (RHSA-2022:0267) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"240031","title":"Red Hat Update for polkit (RHSA-2022:0274) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"240032","title":"Red Hat Update for polkit (RHSA-2022:0265) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"240033","title":"Red Hat Update for polkit (RHSA-2022:0266) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"240421","title":"Red Hat Update for polkit (RHSA-2022:0273)"},{"cve":"CVE-2021-4034","qid":"240443","title":"Red Hat Update for polkit (RHSA-2022:0268)"},{"cve":"CVE-2021-4034","qid":"257147","title":"CentOS Security Update for polkit (CESA-2022:0274) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"282284","title":"Fedora Security Update for polkit (FEDORA-2022-1acf1bb522) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"282285","title":"Fedora Security Update for polkit (FEDORA-2022-da040e6b94) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"296061","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 42.113.1 Missing (CPUJAN2022)"},{"cve":"CVE-2021-4034","qid":"353118","title":"Amazon Linux Security Advisory for polkit : ALAS2-2022-1745 (PwnKit)"},{"cve":"CVE-2021-4034","qid":"354367","title":"Amazon Linux Security Advisory for polkit : ALAS2022-2022-220"},{"cve":"CVE-2021-4034","qid":"354391","title":"Amazon Linux Security Advisory for polkit : ALAS2022-2022-016"},{"cve":"CVE-2021-4034","qid":"354564","title":"Amazon Linux Security Advisory for polkit : ALAS-2022-220"},{"cve":"CVE-2021-4034","qid":"355263","title":"Amazon Linux Security Advisory for polkit : ALAS2023-2023-026"},{"cve":"CVE-2021-4034","qid":"376287","title":"Polkit pkexec Local Privilege Escalation Vulnerability (PwnKit)"},{"cve":"CVE-2021-4034","qid":"376885","title":"Alibaba Cloud Linux Security Update for polkit (ALINUX2-SA-2022:0007)"},{"cve":"CVE-2021-4034","qid":"377154","title":"Alibaba Cloud Linux Security Update for polkit (ALINUX3-SA-2022:0004)"},{"cve":"CVE-2021-4034","qid":"390257","title":"Oracle Managed Virtualization (VM) Server for x86 Security Update for polkit (OVMSA-2022-0006)"},{"cve":"CVE-2021-4034","qid":"502158","title":"Alpine Linux Security Update for polkit"},{"cve":"CVE-2021-4034","qid":"502336","title":"Alpine Linux Security Update for polkit"},{"cve":"CVE-2021-4034","qid":"591095","title":"Delta Controls CopperCube Polkit's pkexec utility Vulnerability (SecB0005)"},{"cve":"CVE-2021-4034","qid":"591295","title":"Siemens SCALANCE LPE 4903 Out-of-bounds Write Vulnerability (ICSA-22-167-16, SSA-330556)"},{"cve":"CVE-2021-4034","qid":"671405","title":"EulerOS Security Update for polkit (EulerOS-SA-2022-1335)"},{"cve":"CVE-2021-4034","qid":"671422","title":"EulerOS Security Update for polkit (EulerOS-SA-2022-1359)"},{"cve":"CVE-2021-4034","qid":"671439","title":"EulerOS Security Update for polkit (EulerOS-SA-2022-1365)"},{"cve":"CVE-2021-4034","qid":"671475","title":"EulerOS Security Update for polkit (EulerOS-SA-2022-1420)"},{"cve":"CVE-2021-4034","qid":"671482","title":"EulerOS Security Update for polkit (EulerOS-SA-2022-1419)"},{"cve":"CVE-2021-4034","qid":"671528","title":"EulerOS Security Update for polkit (EulerOS-SA-2022-1493)"},{"cve":"CVE-2021-4034","qid":"671536","title":"EulerOS Security Update for polkit (EulerOS-SA-2022-1512)"},{"cve":"CVE-2021-4034","qid":"690781","title":"Free Berkeley Software Distribution (FreeBSD) Security Update for polkit (0f8bf913-7efa-11ec-8c04-2cf05d620ecc)"},{"cve":"CVE-2021-4034","qid":"710572","title":"Gentoo Linux Polkit Local privilege escalation Vulnerability (GLSA 202201-01)"},{"cve":"CVE-2021-4034","qid":"730371","title":"McAfee Web Gateway Multiple Vulnerabilities (WP-3335,WP-4131,WP-4159,WP-4237,WP-4259,WP-4329,WP-4348,WP-4355,WP-4376,WP-4407,WP-4421)"},{"cve":"CVE-2021-4034","qid":"730414","title":"Dell InsightIQ Security Update for Polkit Vulnerability (DSA-2022-050)"},{"cve":"CVE-2021-4034","qid":"751644","title":"SUSE Enterprise Linux Security Update for polkit (SUSE-SU-2022:0189-1) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"751645","title":"SUSE Enterprise Linux Security Update for polkit (SUSE-SU-2022:0191-1) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"751649","title":"SUSE Enterprise Linux Security Update for polkit (SUSE-SU-2022:0190-1) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"751658","title":"OpenSUSE Security Update for polkit (openSUSE-SU-2022:0190-1) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"900619","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for polkit (8332)"},{"cve":"CVE-2021-4034","qid":"901617","title":"Common Base Linux Mariner (CBL-Mariner) Security Update for polkit (8335-1)"},{"cve":"CVE-2021-4034","qid":"940435","title":"AlmaLinux Security Update for polkit (ALSA-2022:0267) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"960103","title":"Rocky Linux Security Update for polkit (RLSA-2022:267) (PwnKit)"},{"cve":"CVE-2021-4034","qid":"960714","title":"Rocky Linux Security Update for polkit (RLSA-2022:0267)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2021-4034","ASSIGNER":"secalert@redhat.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"(CWE-787|CWE-125)","cweId":"CWE-787"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"polkit","version":{"version_data":[{"version_affected":"=","version_value":"all"}]}}]}}]}},"references":{"reference_data":[{"url":"https://access.redhat.com/security/vulnerabilities/RHSB-2022-001","refsource":"MISC","name":"https://access.redhat.com/security/vulnerabilities/RHSB-2022-001"},{"url":"https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt","refsource":"MISC","name":"https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2025869","refsource":"MISC","name":"https://bugzilla.redhat.com/show_bug.cgi?id=2025869"},{"url":"https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683","refsource":"MISC","name":"https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683"},{"url":"https://www.oracle.com/security-alerts/cpuapr2022.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpuapr2022.html"},{"url":"http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html","refsource":"MISC","name":"http://packetstormsecurity.com/files/166196/Polkit-pkexec-Local-Privilege-Escalation.html"},{"url":"http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html","refsource":"MISC","name":"http://packetstormsecurity.com/files/166200/Polkit-pkexec-Privilege-Escalation.html"},{"url":"https://www.suse.com/support/kb/doc/?id=000020564","refsource":"MISC","name":"https://www.suse.com/support/kb/doc/?id=000020564"},{"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf","refsource":"MISC","name":"https://cert-portal.siemens.com/productcert/pdf/ssa-330556.pdf"},{"url":"https://www.starwindsoftware.com/security/sw-20220818-0001/","refsource":"MISC","name":"https://www.starwindsoftware.com/security/sw-20220818-0001/"},{"url":"https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/","refsource":"MISC","name":"https://www.secpod.com/blog/local-privilege-escalation-vulnerability-in-major-linux-distributions-cve-2021-4034/"}]}},"nvd":{"publishedDate":"2022-01-28 20:15:00","lastModifiedDate":"2023-11-07 03:40:00","problem_types":["CWE-125","CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.2},"severity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:polkit_project:polkit:*:*:*:*:*:*:*:*","versionEndExcluding":"121","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_update_services_for_sap_solutions:8.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.2:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:sp5:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:suse:linux_enterprise_desktop:15:sp2:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:suse:enterprise_storage:7.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:suse:manager_proxy:4.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:suse:linux_enterprise_high_performance_computing:15.0:sp2:*:*:-:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:-:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:suse:linux_enterprise_server:15:sp2:*:*:*:sap:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:siemens:sinumerik_edge:*:*:*:*:*:*:*:*","versionEndExcluding":"3.3.0","cpe_name":[]}]},{"operator":"AND","children":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:siemens:scalance_lpe9403_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"2.0","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":false,"cpe23Uri":"cpe:2.3:h:siemens:scalance_lpe9403:-:*:*:*:*:*:*:*","cpe_name":[]}]}],"cpe_match":[]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:starwindsoftware:starwind_virtual_san:v8:build14338:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:starwindsoftware:starwind_hyperconverged_appliance:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:starwindsoftware:command_center:1.0:update3_build5871:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"4034","Ordinal":"222166","Title":"CVE-2021-4034","CVE":"CVE-2021-4034","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"4034","Ordinal":"1","NoteData":"A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.","Type":"Description","Title":null},{"CveYear":"2021","CveId":"4034","Ordinal":"2","NoteData":"2022-01-28","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"4034","Ordinal":"3","NoteData":"2022-01-28","Type":"Other","Title":"Modified"}]}}}