Return
-
Title
Polkit vulnerability - CVE-2021-4034 -
Description
A local privilege escalation vulnerability was found on polkit's pkexec utility. More information about this vulnerability can be found here: https://nvd.nist.gov/vuln/detail/CVE-2021-4034
-
Cause
This is an industry-wide vulnerability affecting the polkit's pkexec utility and is not specific to syslog-ng Premium Edition, syslog-ng Store Box (SSB) and One Identity Safeguard for Privileged Sessions (SPS).
-
Resolution
We have confirmed that syslog-ng Premium Edition, syslog-ng Store Box (SSB) and One Identity Safeguard for Privileged Sessions (SPS) does not have the vulnerable binary, pkexec installed and therefore are not affected by CVE-2021-4034.