漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
cryptctl: client side password hashing is equivalent to clear text password storage
Vulnerability Description
A Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, SUSE Manager Server 4.0 allows attackers with access to the hashed password to use it without having to crack it. This issue affects: SUSE Linux Enterprise Server for SAP 12-SP5 cryptctl versions prior to 2.4. SUSE Manager Server 4.0 cryptctl versions prior to 2.4.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
认证机制不恰当
Vulnerability Title
SUSE Manager和SUSE Linux Enterprise Server 授权问题漏洞
Vulnerability Description
SUSE Manager和SUSE Linux Enterprise Server都是德国SUSE公司的产品。SUSE Manager是一套Linux服务器管理系统。该系统提供自动化软件管理、系统配置和监控等功能。SUSE Linux Enterprise Server是一套企业服务器版Linux操作系统。 SUSE多款产品存在授权问题漏洞,该漏洞源于客户端密码哈希相当于明文密码存储。受影响产品: SUSE Manager Server 4.0、SUSE Manager Retail Branch Ser
CVSS Information
N/A
Vulnerability Type
N/A