First published: Wed Sep 20 2023(Updated: )
An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server Module 4.2 spacewalk-java, SUSE SUSE Manager Server Module 4.3 spacewalk-java causes sensitive information to be logged. This issue affects SUSE Manager Server Module 4.2: before 4.2.50-150300.3.66.5; SUSE Manager Server Module 4.3: before 4.3.58-150400.3.46.4.
Credit: meissner@suse.de meissner@suse.de
Affected Software | Affected Version | How to fix |
---|---|---|
SUSE Manager Server | >=4.2<4.2.50-150300.3.66.5 | |
SUSE Manager Server | >=4.3<4.3.58-150400.3.46.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-22644 is an Innsertion of Sensitive Information into Log File vulnerability affecting SUSE Manager Server Module 4.2 and 4.3.
CVE-2023-22644 causes sensitive information to be logged in SUSE Manager Server.
The severity of CVE-2023-22644 is medium, with a severity value of 5.5.
To fix CVE-2023-22644, update SUSE Manager Server Module 4.2 to version 4.2.50-150300.3.66.5 or later, and SUSE Manager Server Module 4.3 to version 4.3.58-150400.3.46.4 or later.
The CWE (Common Weakness Enumeration) of CVE-2023-22644 is 532.