CVE-2022-21952
published 2022-06-22CVE-2022-21952: A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| suse | manager_server | >= 4.1 < 4.1.46 | 4.1.46 |
| suse | manager_server | >= 4.2 < 4.2.37 | 4.2.37 |
| suse | suse_manager_server_4.1 | >= spacewalk-java < 4.1.46 | 4.1.46 |
| suse | suse_manager_server_4.2 | >= spacewalk-java < 4.2.37 | 4.2.37 |