CVE-2023-32360: 
Rocky Linux vulnerability analysis and mitigation

CVE-2023-32360 is an authentication vulnerability in the Common UNIX Printing System (CUPS) that was discovered and disclosed in June 2023. The vulnerability affects macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4, and various Linux distributions using CUPS. An authentication issue was identified that could allow unauthenticated users to access recently printed documents (Apple Advisory, Debian Advisory).

The vulnerability stems from an authentication issue in CUPS' state management system. It specifically affects the CUPS-Get-Document operation, which could allow unauthorized access to recently printed documents. The vulnerability has been assigned a CVSS v3.1 base score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N (NVD).

The primary impact of this vulnerability is the potential unauthorized access to recently printed documents. An unauthenticated user may be able to retrieve documents that have been previously printed through the CUPS system, potentially leading to information disclosure (Red Hat Advisory).

The vulnerability has been patched in multiple versions: macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4, and various Linux distributions. For Linux systems, it's recommended to check the CUPS configuration file (/etc/cups/cupsd.conf) to ensure proper authentication settings, particularly the 'AuthType Default' directive in the relevant sections (Debian Advisory).