CVE-2022-31248 SUMA user enumeration via weak error message

🗓️ 22 Jun 2022 10:05:13Reported by suseType

CVE-2022-31248 SUMA user enumeration vulnerabilit

Reporter	Title	Published	Views	Family All 18
ATTACKERKB	CVE-2022-31248	20 Jun 202200:00	–	attackerkb
Circl	CVE-2022-31248	22 Jun 202214:28	–	circl
CNNVD	SUSE Manager 安全漏洞	22 Jun 202200:00	–	cnnvd
CVE	CVE-2022-31248	22 Jun 202210:05	–	cve
EUVD	EUVD-2022-52826	3 Oct 202520:07	–	euvd
NVD	CVE-2022-31248	22 Jun 202210:15	–	nvd
OSV	SUSE-SU-2022:2143-1 Recommended update for SUSE Manager 4.1.15 Release Notes	20 Jun 202214:10	–	osv
OSV	SUSE-SU-2022:2144-1 Security update for SUSE Manager Server 4.2	20 Jun 202214:11	–	osv
OSV	SUSE-SU-2022:2145-1 Security update for SUSE Manager Server 4.1	20 Jun 202214:12	–	osv
OSV	SUSE-SU-2022:2146-1 Security update for release-notes-susemanager, release-notes-susemanager-proxy	20 Jun 202214:15	–	osv

[
  {
    "product": "SUSE Manager Server 4.1",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "4.1.46-1",
        "status": "affected",
        "version": "spacewalk-java",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "SUSE Manager Server 4.2",
    "vendor": "SUSE",
    "versions": [
      {
        "lessThan": "4.2.37-1",
        "status": "affected",
        "version": "spacewalk-java",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.suse.com/show_bug.cgi

22 Jun 2022 10:05Current

5.6Medium risk

Vulners AI Score5.6

CVSS 3.15.3

EPSS0.00865

CWE-204