Vulnerabilities > CVE-2019-3684 - Insecure Storage of Sensitive Information vulnerability in Suse Manager 1.7/4.0.7

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
suse
CWE-922

Summary

SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a7191a6fb46bb83e98ae4b99a5ade created world-readable swap files on systems that don't have a swap already configured and don't have btrfs as filesystem

Vulnerable Configurations

Part Description Count
Application
Suse
2

Common Weakness Enumeration (CWE)