8 matches found
openSUSE Security Advisory (SUSE-SU-2024:3911-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for SUSE Manager Server 4.2 (SUSE-SU-2023:2594-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: apache2-mod_wsgi / billing-data-service / inter-server-sync / etc (SUSE-SU-2023:4737-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2023:4737-1 advisory. billing-data-service: - Version 4.3.2-1 Relax dependency to csp-billing-adapter-service inter-server-sync: - Version 0.3.1 Require at least Go 1.20 for...
CVE-2023-22644
A user can reverse engineer the JWT token JSON Web Token used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE...
CVE-2023-22644 JWT token compromise can allow malicious actions including Remote Code Execution (RCE)
A user can reverse engineer the JWT token JSON Web Token used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE...
CVE-2023-22644
CVE-2023-22644 describes a JWT authentication weakness in NeuVector where an attacker can reverse engineer the token used for Manager and API access to forge a valid NeuVector token, enabling malicious activity and potentially Remote Code Execution (RCE). Public details in the provided documents ...
SUSE-RU-2023:2595-1 Security update for SUSE Manager Server 4.2
This update fixes the following issues: branch-network-formula: - Update to version 0.1.1680167239.23f2fec Remove unnecessary import of 'salt.ext.six' cpu-mitigations-formula: - Update to version 0.5.0: Mark all SUSE Linux Enterprise 15 SP4 and newer and openSUSE 15.4 and newer as supported...
SUSE CVE-2023-22644
A user can reverse engineer the JWT token JSON Web Token used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE...