Information Disclosure Vulnerability in SUSE Lifecycle Management Server
CVE-2011-0993

Currently unrated

Key Information:

Vendor: Novell
Status: Suse Lifecycle Management Server
Vendor: CVE Published:; 16 April 2014

Summary

The SUSE Lifecycle Management Server versions prior to 1.1 inadvertently expose world-readable PostgreSQL credentials. This flaw enables local users to access sensitive database information through unspecified methods, potentially leading to unauthorized data access and breaches in system integrity.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/95697

vdb-entryx_refsource_XF

http://lists.opensuse.org/opensuse-security-announce/2011...

vendor-advisoryx_refsource_SUSE

Timeline

Vulnerability published
Apr 16, 2014
Vulnerability Reserved
Feb 14, 2011