A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. This issue affects: SUSE Linux Enterprise Server 15 yast2-rmt versions prior to 1.2.2. openSUSE Leap yast2-rmt versions prior to 1.2.2.
References
Configurations
History
07 Nov 2023, 02:56
Type | Values Removed | Values Added |
---|---|---|
References | () https://bugzilla.suse.com/show_bug.cgi?id=1119835 - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00035.html - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00015.html - |
Information
Published : 2020-01-27 09:15
Updated : 2024-02-28 17:28
NVD link : CVE-2018-20105
Mitre link : CVE-2018-20105
CVE.ORG link : CVE-2018-20105
JSON object : View
Products Affected
yast2-rmt_project
- yast2-rmt
opensuse
- leap
suse
- suse_linux_enterprise_server
CWE
CWE-532
Insertion of Sensitive Information into Log File