Suse Linux Smt vulnerabilities
3 known vulnerabilities affecting suse_linux/smt.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH1
Vulnerabilities
Page 1 of 1
CVE-2018-12472CRITICALCVSS 9.1≥ unspecified, < 3.0.372018-10-04
CVE-2018-12472 [HIGH] CWE-287 CVE-2018-12472: A improper authentication using the HOST header in SUSE Linux SMT allows remote attackers to spoof a
A improper authentication using the HOST header in SUSE Linux SMT allows remote attackers to spoof a sibling server. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.
cvelistv5nvd
CVE-2018-12470CRITICALCVSS 9.8≥ unspecified, < 3.0.372018-10-04
CVE-2018-12470 [CRITICAL] CWE-89 CVE-2018-12470: A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to cause
A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to cause execute arbitrary SQL statements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.
cvelistv5nvd
CVE-2018-12471HIGHCVSS 8.1≥ unspecified, < 3.0.372018-10-04
CVE-2018-12471 [MEDIUM] CWE-611 CVE-2018-12471: A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT allows remote attackers to read
A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT allows remote attackers to read data from the server or cause DoS by referencing blocking elements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.
cvelistv5nvd