CVE-2022-31248
published 2022-06-22CVE-2022-31248: A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid…
medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| suse | manager_server | >= 4.1 < 4.1.46-1 | 4.1.46-1 |
| suse | manager_server | >= 4.2 < 4.2.37-1 | 4.2.37-1 |
| suse | suse_manager_server_4.1 | >= spacewalk-java < 4.1.46-1 | 4.1.46-1 |
| suse | suse_manager_server_4.2 | >= spacewalk-java < 4.2.37-1 | 4.2.37-1 |