Suse Manager Server 4.0 Vulnerabilities

Suse Suse Manager Server 4.0 vulnerabilities.

30 June 2021

cryptctl: client side password hashing is equivalent to clear text password storage
CVE-2019-18906
SuseSuse Linux Enterprise ...9.8CRITICAL

28 June 2021

arpwatch: Local privilege escalation from runtime user to root
CVE-2021-25321
SuseSuse Linux Enterprise ...7.8HIGH

5 May 2021

cups: ownership of /var/log/cups allows the lp user to create files as root
CVE-2021-25317
SuseSuse Linux Enterprise ...3.3LOW

17 September 2020

salt-api is accessible to every user on SUSE Manager Server
CVE-2020-8028
SuseSuse Linux Enterprise ...9.3CRITICAL

No more vulnerabilities to load.