Suse Linux Enterprise Server For Sap 12-Sp5 vulnerabilities

CVE-2022-45153 [HIGH] CWE-276 CVE-2022-45153: An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SA

CVE-2019-18906 [CRITICAL] CWE-287 CVE-2019-18906: A Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, A Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, SUSE Manager Server 4.0 allows attackers with access to the hashed password to use it without having to crack it. This issue affects: SUSE Linux Enterprise Server for SAP 12-SP5 cryptctl versions prior to 2.4. SUSE Manager Server 4.0 cryptctl version