Sensitive Information Exposure in SUSE Multi Linux Manager
CVE-2025-46809

6.9MEDIUM

What is CVE-2025-46809?

An insertion of sensitive information into the log file vulnerability in SUSE Multi Linux Manager allows the exposure of HTTP proxy credentials. This misconfiguration affects multiple versions of the product, leading to potential unauthorized access. It is critical for users of the impacted versions to take immediate action to secure their systems and prevent potential exploitation. Regular updates and patch management are essential to mitigate risks associated with such vulnerabilities.

Affected Version(s)

Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1 ? < 5.0.27-150600.3.33.1

Image SLES15-SP4-Manager-Server-4-3-BYOS ? < 4.3.87-150400.3.110.2

Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure ? < 4.3.87-150400.3.110.2

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-46809 : Sensitive Information Exposure in SUSE Multi Linux Manager