Vulnerabilities > Opensuse > Supportutils > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-02-15 | CVE-2022-45154 | Unspecified vulnerability in Opensuse Supportutils A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects: SUSE Linux Enterprise Server 12 supportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions. | 5.5 |
2019-03-05 | CVE-2018-19640 | Improper Input Validation vulnerability in Opensuse Supportutils 3.0.1095.51.1 If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 (e.g. | 5.5 |
2019-03-05 | CVE-2018-19638 | Link Following vulnerability in Opensuse Supportutils 3.0.1095.51.1 In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an unprivileged user could have overwritten arbitrary files in the directory that is used by supportutils to collect the log files. | 4.7 |
2019-03-05 | CVE-2018-19637 | Link Following vulnerability in Opensuse Supportutils 3.0.1095.51.1 Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local attackers to overwrite files on systems without symlink protection | 5.5 |