admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2022/45xxx/CVE-2022-45154.json

123 lines
4.8 KiB
JSON
Raw Normal View History

"-Synchronized-Data."
2022-11-11 15:00:32 +00:00
{
"CVE_data_meta": {
data for CVE-2022-45154
2023-02-15 10:21:21 +01:00
"ASSIGNER": "security@suse.de",
"DATE_PUBLIC": "2023-01-26T00:00:00.000Z",
"-Synchronized-Data."
2022-11-11 15:00:32 +00:00
"ID": "CVE-2022-45154",
data for CVE-2022-45154
2023-02-15 10:21:21 +01:00
"STATE": "PUBLIC",
"TITLE": "supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh"
"-Synchronized-Data."
2022-11-11 15:00:32 +00:00
},
data for CVE-2022-45154
2023-02-15 10:21:21 +01:00
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SUSE Linux Enterprise Server 12",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "supportutils",
"version_value": "3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information"
}
]
}
},
{
"product_name": "SUSE Linux Enterprise Server 15",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "supportutils",
"version_value": "3.1.21-150000.5.44.1"
}
]
}
},
{
"product_name": "SUSE Linux Enterprise Server 15 SP3",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "supportutils",
"version_value": "3.1.21-150300.7.35.15.1"
}
]
}
}
]
},
"vendor_name": "SUSE"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Nozomi Matsuzawa"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"-Synchronized-Data."
2022-11-11 15:00:32 +00:00
"description": {
"description_data": [
{
"lang": "eng",
data for CVE-2022-45154
2023-02-15 10:21:21 +01:00
"value": "A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials\nThis issue affects:\nSUSE Linux Enterprise Server 12\nsupportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions.\nSUSE Linux Enterprise Server 15\nsupportutils version 3.1.21-150000.5.44.1 and prior versions.\nSUSE Linux Enterprise Server 15 SP3\nsupportutils version 3.1.21-150300.7.35.15.1 and prior versions."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-312: Cleartext Storage of Sensitive Information"
}
]
"-Synchronized-Data."
2022-11-11 15:00:32 +00:00
}
]
data for CVE-2022-45154
2023-02-15 10:21:21 +01:00
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.suse.com/show_bug.cgi?id=1207598",
"refsource": "CONFIRM",
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1207598"
}
]
},
"source": {
"advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1207598",
"defect": [
"1207598"
],
"discovery": "INTERNAL"
"-Synchronized-Data."
2022-11-11 15:00:32 +00:00
}
data for CVE-2022-45154
2023-02-15 10:21:21 +01:00
}
Reference in New Issue Copy Permalink