Suse Manager Server 4.1 vulnerabilities

3 known vulnerabilities affecting suse/suse_manager_server_4.1.

Total CVEs

3

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1

CVE-2022-31254HIGHCVSS 7.8≥ rmt-server, < 2.102023-02-07

CVE-2022-31254 [HIGH] CWE-276 CVE-2022-31254: A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterpr A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt user to escalate to root. This issue affects: SUSE Linux Enterprise Server

CVE-2022-21952HIGHCVSS 7.5≥ spacewalk-java, < 4.1.462022-06-22

CVE-2022-21952 [HIGH] CWE-306 CVE-2022-21952: A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Serve A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior

CVE-2022-31248MEDIUMCVSS 5.3≥ spacewalk-java, < 4.1.46-12022-06-22

CVE-2022-31248 [MEDIUM] CWE-204 CVE-2022-31248: A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE M A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1.