Vulnerabilities > Suse > Yast2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-04-26 | CVE-2016-1601 | Credentials Management vulnerability in Suse Yast2 yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vectors. | 9.8 |