CVE-2023-22644
Summary
| CVE | CVE-2023-22644 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-09-20 09:15:00 UTC |
|---|
| Updated | 2023-09-25 16:28:00 UTC |
|---|
| Description | An Innsertion of Sensitive Information into Log File vulnerability in SUSE SUSE Manager Server Module 4.2 spacewalk-java, SUSE SUSE Manager Server Module 4.3 spacewalk-java causes sensitive information to be logged.
This issue affects SUSE Manager Server Module 4.2: before 4.2.50-150300.3.66.5; SUSE Manager Server Module 4.3: before 4.3.58-150400.3.46.4. |
|---|
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|
| Application |
Suse |
Manager Server |
All |
All |
All |
All |
References
| Reference | Source | Link | Tags |
|---|
| 1209434 – (CVE-2023-22644) AUDIT-TRACKER: CVE-2023-22644: SUMA: Check for potential leaks in log file |
MISC |
bugzilla.suse.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 755392 SUSE Enterprise Linux Security Update for SUSE Manager 4.3.10 Release Notes (SUSE-SU-2023:4758-1)
- 755436 SUSE Enterprise Linux Server, Proxy and Retail Branch Server (SUSE-SU-2023:4737-1)
- 755844 SUSE Enterprise Linux Security Update for suse manager server 4.2 (SUSE-SU-2023:2594-1)
- 755845 SUSE Enterprise Linux Security Update for suse manager 4.2: server (SUSE-SU-2023:1831-1)
