CVE-2023-22644
First published: Wed Sep 20 2023(Updated: )
An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server Module 4.2 spacewalk-java, SUSE SUSE Manager Server Module 4.3 spacewalk-java causes sensitive information to be logged. This issue affects SUSE Manager Server Module 4.2: before 4.2.50-150300.3.66.5; SUSE Manager Server Module 4.3: before 4.3.58-150400.3.46.4.
Credit: meissner@suse.de meissner@suse.de
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SUSE Manager Server | >=4.2<4.2.50-150300.3.66.5 | |
| SUSE Manager Server | >=4.3<4.3.58-150400.3.46.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-22644?
CVE-2023-22644 is an Innsertion of Sensitive Information into Log File vulnerability affecting SUSE Manager Server Module 4.2 and 4.3.
How does CVE-2023-22644 impact SUSE Manager Server?
CVE-2023-22644 causes sensitive information to be logged in SUSE Manager Server.
What is the severity of CVE-2023-22644?
The severity of CVE-2023-22644 is medium, with a severity value of 5.5.
How can I fix CVE-2023-22644?
To fix CVE-2023-22644, update SUSE Manager Server Module 4.2 to version 4.2.50-150300.3.66.5 or later, and SUSE Manager Server Module 4.3 to version 4.3.58-150400.3.46.4 or later.
What is the CWE of CVE-2023-22644?
The CWE (Common Weakness Enumeration) of CVE-2023-22644 is 532.
- collector/nvd-api
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/suse
- canonical/suse manager server
- version/suse manager server/4.2
- version/suse manager server/4.3