Description
A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1.
Related CPE's
a
suse
manager_server
2
References
https://bugzilla.suse.com/show_bug.cgi?id=1199629
ExploitIssue TrackingThird Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1199629
ExploitIssue TrackingThird Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.3 · Medium
Information
Source identifier
Vulnerability status
Modified
Published
2022-06-22T08:15:08.023Z
3 years agoLast modified
2024-11-21T06:04:13.040Z
1 year ago