CVE-2023-32189

CWE-639Insecure Direct Object Reference4 documents4 sources
Severity
6.4MEDIUM
EPSS
0.1%
top 82.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Suse Suse Manager Server Module 4.3
Timeline
PublishedOct 16

Description

Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially gain access to the keys

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:H/SI:H/SA:H

Affected Packages1 packages

CVEListV5suse/suse_manager_server_module_4.3?4.3.27-150400.3.38.2

🔴Vulnerability Details

3
GHSA
GHSA-6hvm-8v29-cgp8: Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially gain access to the keys2024-10-16
CVEList
Insecure handling SSH key in SUSE Manager when bootstrapping new clients2024-10-16
OSV
golang-1.18 vulnerabilities2023-04-25