vulnerability
SUSE: CVE-2019-18900: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | Jan 13, 2020 | Jan 15, 2020 | Oct 22, 2021 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Jan 13, 2020
Added
Jan 15, 2020
Modified
Oct 22, 2021
Description
: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1. SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1. SUSE Linux Enterprise Server 15 17.19.0-3.34.1.
Solution(s)
suse-upgrade-libsolv-demosuse-upgrade-libsolv-develsuse-upgrade-libsolv-toolssuse-upgrade-libzyppsuse-upgrade-libzypp-develsuse-upgrade-libzypp-devel-docsuse-upgrade-perl-solvsuse-upgrade-python-solvsuse-upgrade-python3-solvsuse-upgrade-ruby-solvsuse-upgrade-zyppersuse-upgrade-zypper-aptitudesuse-upgrade-zypper-logsuse-upgrade-zypper-needs-restarting
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.