Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:novell:suse_lifecycle_management_server:1.3:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-3709 |
WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file. Published: December 23, 2013; 6:55:04 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2013-7042 |
SUSE Lifecycle Management Server (SLMS) before 1.3.7 uses world-readable permissions for the secret keys, which allows local users to gain privileges via unspecified vectors. Published: December 10, 2013; 11:55:25 AM -0500 |
V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2013-3710 |
SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere. Published: December 10, 2013; 11:55:25 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |