Suse Latest Vulnerabilities

November 13

Rancher vSphere Vulnerability: Plaintext Storage of CPI/CSI Credentials

CVE-2022-45157
Suse | Rancher | 9.1 | CRITICAL

October 16

Insecure Handling of SSH Keys Leads to Potential Key Access

CVE-2023-32189
Suse | Suse Manager Server Mo... | 5.9 | MEDIUM

Attackers can inject malicious files into osc package sources

CVE-2024-22034
Suse | Suse Linux Enterprise ... | 5.5 | MEDIUM

OBS Service Vulnerable to Command Injection Attack

CVE-2024-22033
Suse | Suse Package Hub 15 Sp5 | 6.3 | MEDIUM

Kubernetes RKE1 Cluster Vulnerability: Plaintext Secret Values Exposed During Reconciliation

CVE-2024-22032
Suse | Rancher | 6.5 | MEDIUM

Rancher Vulnerability: Narrow MITM Exploit via Domain Control

CVE-2024-22030
Suse | Rancher | 8 | HIGH

Local User Escalation via Insecure Packaging

CVE-2024-22029
Suse | Container Suse/manager... | 7.8 | HIGH

Privilege Escalation Vulnerability in RoleTemplateObjects

CVE-2023-32196
Suse | Rancher | 6.6 | MEDIUM

Naming Privilege Abuse Vulnerability

CVE-2023-32194
Suse | Rancher | 7.2 | HIGH

Unauthenticated XSS vulnerability in Norman's public API endpoint can lead to remote code execution

CVE-2023-32193
Suse | Norman | 8.3 | HIGH

Unauthenticated Cross-Site Scripting (XSS) Vulnerability

CVE-2023-32192
Suse | Apiserver | 8.3 | HIGH

Non-admin users can escalate to admin rights via configmap

CVE-2023-32191
Suse | Rke | 9.9 | CRITICAL

Mlocate Vulnerability Allows Arbitrary File Read by Root Users

CVE-2023-32190
Suse | Opensuse Tumbleweed

NeuVector Token Reverse Engineering Leads to Remote Code Execution

CVE-2023-32188
Suse | Neuvector

Rancher Vulnerability: Unauthorized Access via Deleted Users

CVE-2023-22650
Suse | Rancher | 8.8 | HIGH

Sensitive Data at Risk of Leakage in Rancher Audit Logs

CVE-2023-22649
Suse | Rancher | 6.5 | MEDIUM

September 20

JWT token compromise can allow malicious actions including Remote Code Execution (RCE)

CVE-2023-22644
Suse | Neuvector | 5.5 | MEDIUM

September 19

CVE-2023-32182
Suse | Suse Linux Enterprise ... | 5.9 | MEDIUM

CVE-2023-32186
SUSE | RKE2 | 7.5 | HIGH

September 18

CVE-2023-32187
SUSE | k3s | 7.5 | HIGH

June 1

CVE-2023-22648
Suse | Rancher | 8.8 | HIGH

CVE-2023-22647
Suse | Rancher | 8 | HIGH

CVE-2022-43760
Suse | Rancher | 8.4 | HIGH

May 4

CVE-2023-22651
SUSE | Rancher | 9.9 | CRITICAL

April 19

kubewarden: Excessive permissions for kubewarden-controller-manager-cluster-role

CVE-2023-22645
SUSE | kubewarden | 8.8 | HIGH

March 15

obs-service-go_modules: arbitrary directory delete

CVE-2022-45155
Suse | Opensuse Factory | 5.5 | MEDIUM

February 15

saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls

CVE-2022-45153
Suse | Suse Linux Enterprise ... | 7 | HIGH

supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh

CVE-2022-45154
Suse | Suse Linux Enterprise ... | 4.4 | MEDIUM

February 7

Rancher: Exposure of sensitive fields

CVE-2022-43757
Suse | Rancher | 9.9 | CRITICAL

Rancher/Wrangler: Denial of service when processing Git credentials

CVE-2022-43756
Suse | Rancher | 5.9 | MEDIUM

[RANCHER] OS command injection in Rancher and Fleet

CVE-2022-31249
Suse | Rancher | 7.5 | HIGH

Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster

CVE-2022-21953
Suse | Rancher | 7.4 | HIGH

Rancher: Privilege escalation via promoted roles

CVE-2022-43759
Suse | Rancher | 7.2 | HIGH

rmt-server-pubcloud allows escalation from user _rmt to root

CVE-2022-31254
Suse | Suse Linux Enterprise ... | 7.8 | HIGH

libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls

CVE-2023-22643
SUSE | SUSE Linux Enterprise ... | 7.8 | HIGH

Rancher: Non-random authentication token

CVE-2022-43755
Suse | Rancher | 7.1 | HIGH

Rancher: Command injection in Git package

CVE-2022-43758
Suse | Rancher | 7.6 | HIGH

November 10

SUMA/UYUNI directory path traversal vulnerability in CobblerSnipperViewAction

CVE-2022-31255
Suse | Suse Linux Enterprise ... | 4.3 | MEDIUM

SUMA/UYUNI reflected cross site scripting in /rhn/audit/scap/Search.do

CVE-2022-43754
Suse | Suse Linux Enterprise ... | 2.6 | LOW

SUMA/UYUNI arbitrary file disclosure vulnerability in ScapResultDownload

CVE-2022-43753
Suse | Suse Linux Enterprise ... | 4.3 | MEDIUM

October 26

sendmail: mail to root privilege escalation via sm-client.pre script

CVE-2022-31256
Suse | Opensuse Factory | 7.7 | HIGH

October 6

permissions: chkstat does not check for group-writable parent directories or target files in safeOpen()

CVE-2022-31252
Suse | Suse Linux Enterprise ... | 4.4 | MEDIUM

September 7

Rancher: Plaintext storage and exposure of credentials in Rancher API and cluster.management.cattle.io object

CVE-2021-36782
Suse | Rancher | 9.9 | CRITICAL

Rancher: Failure to properly sanitize credentials in cluster template answers

CVE-2021-36783
Suse | Rancher | 9.9 | CRITICAL

Rancher: Downstream cluster privilege escalation through cluster and project role template binding (CRTB/PRTB)

CVE-2022-31247
Suse | Rancher | 9.1 | CRITICAL

slurm: %post for slurm-testsuite operates as root in user owned directory

CVE-2022-31251
Suse | Opensuse Factory | 6.5 | MEDIUM

June 22

SUMA user enumeration via weak error message

CVE-2022-31248
Suse | Suse Manager Server 4.1 | 5.3 | MEDIUM

SUMA unauthenticated remote DoS via resource exhaustion

CVE-2022-21952
Suse | Suse Manager Server 4.1 | 7.5 | HIGH

May 25

Rancher: Weave CNI password is not set if RKE template is used with CNI value overridden

CVE-2022-21951
Suse | Rancher | 6.8 | MEDIUM

May 3

Multiple XXE vulnerabilities in OBS

CVE-2022-21949
Suse | Open Build Service | 8.8 | HIGH

May 2

Exposure of repository credentials to external third-party sources

CVE-2021-36778
Suse | Rancher | 7.3 | HIGH

Write access to the Catalog for any user when restricted-admin role is enabled

CVE-2021-4200
Suse | Rancher | 5.4 | MEDIUM

Privilege escalation for users with create/update permissions in Global Roles

CVE-2021-36784
Suse | Rancher | 7.2 | HIGH

April 4

Deleting PRTBs associated with a group doesn't cause deletion of corresponding RoleBindings

CVE-2021-36775
Suse | Rancher | 8.8 | HIGH

Steve API proxy impersonation

CVE-2021-36776
Suse | Rancher | 8.8 | HIGH

April 1

rancher desktop: Dashboard API is network accessible

CVE-2022-21947
Suse | Rancher | 8.3 | HIGH

March 16

grub2-once uses fixed file name in /var/tmp

CVE-2021-46705
Suse | Suse Linux Enterprise ... | 5.1 | MEDIUM

December 17

Host operations allowed in privileged Longhorn managed pods

CVE-2021-36779
Suse | Longhorn | 9.6 | CRITICAL

Unauthorized data access from replicas through vulnerable instance manager pods

CVE-2021-36780
Suse | Longhorn | 8.1 | HIGH

July 28

K3s/RKE2 bootstrap data is encrypted with empty string if user does not supply a token

CVE-2021-32001
Suse | Rancher | 6.5 | MEDIUM

clone-master-clean-up: dangerous file system operations

CVE-2021-32000
Suse | Suse Linux Enterprise ... | 3.2 | LOW

June 30

cryptctl: client side password hashing is equivalent to clear text password storage

CVE-2019-18906
Suse | Suse Linux Enterprise ... | 9.8 | CRITICAL

June 28

arpwatch: Local privilege escalation from runtime user to root

CVE-2021-25321
Suse | Suse Linux Enterprise ... | 7.8 | HIGH

June 10

inn: %post calls user owned file allowing local privilege escalation to root

CVE-2021-31998
Suse | Suse Linux Enterprise ... | 6.8 | MEDIUM

May 5

cups: ownership of /var/log/cups allows the lp user to create files as root

CVE-2021-25317
Suse | Suse Linux Enterprise ... | 3.3 | LOW

April 14

Local DoS of VM live migration due to use of static tmp files in detach_disks.sh in s390-tools

CVE-2021-25316
Suse | Suse Linux Enterprise ... | 3.3 | LOW

hawk: Insecure file permissions

CVE-2021-25314
Suse | Suse Linux Enterprise ... | 7.8 | HIGH

March 5

Rancher: XSS on /v3/cluster/

CVE-2021-25313
Suse | Rancher | 7.1 | HIGH

March 3

salt-api unauthenticated remote code execution

CVE-2021-25315
Suse | Suse Linux Enterprise ... | 9.8 | CRITICAL

February 11

skuba: Insecure /tmp usage when joining node to cluster

CVE-2020-8030
Suse | Suse Caas Platform 4.5 | 3.6 | LOW

skuba: Insecure handling of private key

CVE-2020-8029
Suse | Suse Caas Platform 4.5 | 2.9 | LOW

openldap uses fixed paths in /tmp

CVE-2020-8027
Suse | Suse Linux Enterprise ... | 7.3 | HIGH

September 17

salt-api is accessible to every user on SUSE Manager Server

CVE-2020-8028
Suse | Suse Linux Enterprise ... | 9.3 | CRITICAL

September 1

Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2

CVE-2020-8023
Suse | Suse Enterprise Storage 5 | 7.7 | HIGH

August 7

outdated entries in permissions profiles for /var/lib/pcp/tmp/* may cause security issues

CVE-2020-8025
Suse | Suse Linux Enterprise ... | 6.1 | MEDIUM

June 29

osc: stores downloaded (supposed) RPM in network-controlled filesystem paths

CVE-2019-3681
Suse | Suse Linux Enterprise ... | 7.5 | HIGH

User-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of privileges

CVE-2020-8022
Suse | Suse Enterprise Storage 5 | 7.7 | HIGH

syslog-ng: Local privilege escalation from new to root in %post

CVE-2020-8019
Suse | Suse Linux Enterprise ... | 7.7 | HIGH

May 4

User owned /etc in SLES15-SP1-CHOST-BYOS

CVE-2020-8018
Suse | Suse Linux Enterprise ... | 8.4 | HIGH

April 3

Migrations requests can cause DoS on rmt

CVE-2019-18904
Suse | Suse Linux Enterprise ... | 6.5 | MEDIUM

Deprecated functionality in autoyast2 automatically imports gpg keys without checking them

CVE-2019-18905
Suse | Suse Linux Enterprise ... | 4.8 | MEDIUM

crowbar provision leaks admin password to all nodes in cleartext

CVE-2018-17954
Suse | Suse Openstack Cloud 7 | 9.3 | CRITICAL

April 2

race condition in the packaging of texlive-filesystem

CVE-2020-8016
Suse | Suse Linux Enterprise ... | 4.9 | MEDIUM

race condition on texlive-filesystem cron job allows for the deletion of unintended files

CVE-2020-8017
Suse | Suse Linux Enterprise ... | 6.2 | MEDIUM

March 3

pcp: Local privilege escalation from user pcp to root through migrate_tempdirs

CVE-2019-3696
Suse | Suse Linux Enterprise ... | 8.4 | HIGH

pcp: Local privilege escalation from user pcp to root

CVE-2019-3695
Suse | Suse Linux Enterprise ... | 8.4 | HIGH

March 2

wicked: Use-after-free when receiving invalid DHCP6 IA_PD option

CVE-2019-18903
Suse | Suse Linux Enterprise ... | 7.5 | HIGH

permissions: chkstat sets unintended setuid/capabilities for mrsh and wodim

CVE-2020-8013
Suse | Suse Linux Enterprise ... | 2.2 | LOW

wicked: Use-after-free when receiving invalid DHCP6 client options

CVE-2019-18902
Suse | Suse Linux Enterprise ... | 7.5 | HIGH

mysql-systemd-helper allows setting 640 permissions of arbitrary files

CVE-2019-18901
Suse | Suse Linux Enterprise ... | 5.1 | MEDIUM

Local privilege escalation from user salt to root

CVE-2019-18897
Suse | Suse Linux Enterprise ... | 8.4 | HIGH

February 28

nagios cron job allows privilege escalation from user nagios to root

CVE-2019-3698
Suse | Suse Linux Enterprise ... | 5.7 | MEDIUM

January 27

obs-service-extract_file's outfilename parameter allows writing files outside of the package directory

CVE-2018-12476
Suse | Suse Linux Enterprise ... | 4.3 | MEDIUM

SQL injection in ui-server/app/models/diary_entry.rb in SUSE Studio onsite

CVE-2017-14807
Suse | Studio Onsite | 8.1 | HIGH

Insecure handling of repodata and packages in SUSE Studio Onsite

CVE-2017-14806
Suse | Studio Onsite | 3.7 | LOW

yast2-rmt exposes CA private key passphrase in log file

CVE-2018-20105
Suse | Suse Linux Enterprise ... | 4 | MEDIUM

January 24

Local privilege escalation from user wwwrun to root in the packaging of mailman

CVE-2019-3693
Suse | Suse Linux Enterprise ... | 7.7 | HIGH

"easy" permission profile allows everyone to execute dumpcap and read all network traffic

CVE-2019-3687
Suse | Suse Linux Enterprise ... | 4 | MEDIUM

libzypp stores cookies world readable

CVE-2019-18900
Suse | Caas Platform 3.0 | 4 | MEDIUM

Local privilege escalation from user news to root in the packaging of inn

CVE-2019-3692
Suse | Suse Linux Enterprise ... | 7.7 | HIGH