Latest suse manager server Vulnerabilities

CVE-2023-22644
An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server Module 4.2 spacewalk-java, SUSE SUSE Manager Server Module 4.3 spacewalk-java causes sensitive informatio...
SUSE Manager Server>=4.2<4.2.50-150300.3.66.5
SUSE Manager Server>=4.3<4.3.58-150400.3.46.4
CVE-2023-29552
Service Location Protocol (SLP) Denial-of-Service Vulnerability
IETF Service Location Protocol (SLP)
Netapp Smi-s Provider
SUSE Manager Server
SUSE Linux Enterprise Server=11
SUSE Linux Enterprise Server=12
Suse Linux Enterprise Server Sap=12
and 4 more
CVE-2022-31254
A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUS...
Opensuse Rmt-server<2.10
SUSE Manager Server=4.1
openSUSE Leap=15.3
openSUSE Leap=15.4
SUSE Linux Enterprise Server=15
SUSE Linux Enterprise Server=15-sp1
CVE-2022-43753
A Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Mod...
SUSE Manager Server>=4.2<4.2.10
SUSE Manager Server>=4.3<4.3.2
Uyuni-project Uyuni<2022.10
CVE-2022-43754
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterpr...
SUSE Manager Server>=4.2<4.2.10
SUSE Manager Server>=4.3<4.3.2
Uyuni-project Uyuni<2022.10
CVE-2022-31255
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in spacewalk/Uyuni of SUSE Linux Enterprise Module for SUSE Manager Server 4.2, SUSE Linux Enterprise Mo...
SUSE Manager Server>=4.2<4.2.10
SUSE Manager Server>=4.3<4.3.2
Uyuni-project Uyuni<2022.10
CVE-2022-31248
A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Mana...
SUSE Manager Server>=4.1<4.1.46-1
SUSE Manager Server>=4.2<4.2.37-1
CVE-2022-21952
A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources le...
SUSE Manager Server>=4.1<4.1.46
SUSE Manager Server>=4.2<4.2.37
CVE-2022-27239
In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.
debian/cifs-utils<=2:6.11-3.1<=2:6.8-2<=2:6.14-1
debian/cifs-utils
Samba Cifs-utils<6.15
Debian Debian Linux=9.0
Debian Debian Linux=10.0
Debian Debian Linux=11.0
and 56 more
CVE-2021-4034
Red Hat Polkit Out-of-Bounds Read and Write Vulnerability
redhat/polkit<0:0.96-11.el6_10.2
redhat/polkit<0:0.112-26.el7_9.1
redhat/polkit<0:0.112-12.el7_3.1
redhat/polkit<0:0.112-12.el7_4.2
redhat/polkit<0:0.112-18.el7_6.3
redhat/polkit<0:0.112-22.el7_7.2
and 62 more
CVE-2021-25321
A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 all...
Suse Arpwatch<2.1a15
SUSE Manager Server=4.0
SUSE OpenStack Cloud Crowbar=9.0
SUSE Linux Enterprise Server=11-sp4
Suse Arpwatch<=2.1a15-169.5
openSUSE Factory
and 2 more
CVE-2019-18906
A Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, SUSE Manager Server 4.0 allows attackers with access to the hashed password to use it without having...
Opensuse Cryptctl<2.4
Suse Linux Enterprise Server Sap=12-sp5
SUSE Manager Server=4.0
CVE-2021-25317
A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory...
Suse Cups<1.3.9
SUSE Linux Enterprise Server=11-sp4
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Suse Cups<2.2.7
and 6 more
CVE-2020-8028
A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Ma...
Suse Salt-netapi-client<0.17.0-3.3.2
SUSE Manager Server=4.1
Suse Salt-netapi-client<0.16.0-4.14.1
SUSE Manager Server=3.2
Suse Salt-netapi-client<0.17.0-4.6.3
SUSE Manager Server=4.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203