Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-18906 | 2 Opensuse, Suse | 3 Cryptctl, Linux Enterprise Server, Manager Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
A Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, SUSE Manager Server 4.0 allows attackers with access to the hashed password to use it without having to crack it. This issue affects: SUSE Linux Enterprise Server for SAP 12-SP5 cryptctl versions prior to 2.4. SUSE Manager Server 4.0 cryptctl versions prior to 2.4. | |||||
CVE-2017-9270 | 1 Opensuse | 1 Cryptctl | 2024-11-21 | 8.5 HIGH | 8.7 HIGH |
In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database. |