CRITICAL🇬🇧 English

CVE-2019-18906

CVSS 9.8v3.1pub. 2021-06-30upd. 2024-11-21

A Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, SUSE Manager Server 4.0 allows attackers with access to the hashed password to use it without having to crack it. This issue affects: SUSE Linux Enterprise Server for SAP 12-SP5 cryptctl versions prior to 2.4. SUSE Manager Server 4.0 cryptctl versions prior to 2.4.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Opensuse Cryptctl

    APP
    Opensuse
    < 2.4
  • SUSE Linux Enterprise Server

    OS
    Suse
    12
  • SUSE Manager Server

    APP
    Suse
    4.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Auth Bypass
CWE
Referencje

Powiązane podatności

CVE-2016-3427CRITICAL9.8⚠ KEVten sam produkt

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 ...

CVE-2015-2590CRITICAL9.8⚠ KEVten sam produkt

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows re...

CVE-2014-7169CRITICAL9.8⚠ KEVten sam produkt

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the...

CVE-2014-6271CRITICAL9.8⚠ KEVten sam produkt

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variab...

CVE-2013-2465CRITICAL9.8⚠ KEVten sam produkt

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and ea...