Insecure Handling of SSH Keys Leads to Potential Key Access

CVE-2023-32189

5.9MEDIUM

Key Information

Vendor: Suse
Status: Suse Manager Server Module 4.3
Vendor: CVE Published:; 16 October 2024

Summary

Insecure handling of ssh keys used to bootstrap clients allows local attackers to potentially gain access to the keys

Affected Version(s)

SUSE Manager Server Module 4.3 < 4.3.27-150400.3.38.2

SUSE Manager Server Module 4.3 < 4.3.27-150400.3.38.2

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published.
Oct 16, 2024
Vulnerability Reserved.
May 4, 2023

Collectors

NVD DatabaseMitre Database

.