Suse Linux Enterprise Server 11-Sp4-Ltss vulnerabilities

4 known vulnerabilities affecting suse/suse_linux_enterprise_server_11-sp4-ltss.

Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH3LOW1

Vulnerabilities

Page 1 of 1
CVE-2021-25321HIGHCVSS 7.8≥ arpwatch, < 2.1a152021-06-30
CVE-2021-25321 [HIGH] CWE-61 CVE-2021-25321: A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 1 A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon the next restart of arpwatch. This issue affects: SUSE Li
cvelistv5nvd
CVE-2021-25317LOWCVSS 3.3≥ cups, < 1.3.92021-05-05
CVE-2021-25317 [LOW] CWE-276 CVE-2021-25317: A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Serv A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. This issue affe
cvelistv5nvd
CVE-2020-8023HIGHCVSS 7.8≥ openldap2, < 2.4.26-0.74.13.1,2020-09-01
CVE-2020-8023 [HIGH] CWE-349 CVE-2020-8023: A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of ope A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux
cvelistv5nvd
CVE-2020-8019HIGHCVSS 7.8≥ syslog-ng, < 2.0.9-27.34.40.5.12020-06-29
CVE-2020-8019 [HIGH] CWE-61 CVE-2020-8019: A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux E A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server for SAP 12-SP1; open
cvelistv5nvd