CVE-2024-22034
Published: Oct 16, 2024
Modified: Oct 31, 2024
CVSS v3.1
5.5
Description
Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim
| Vendor | Product | Versions |
|---|---|---|
SUSE | SUSE Linux Enterprise Desktop 15 SP5 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | SUSE Linux Enterprise High Performance Computing 15 SP5 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | SUSE Linux Enterprise Module for Development Tools 15 SP5 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | SUSE Linux Enterprise Server 15 SP5 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | SUSE Linux Enterprise Desktop 15 SP6 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | SUSE Linux Enterprise High Performance Computing 15 SP6 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | SUSE Linux Enterprise Module for Development Tools 15 SP6 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | SUSE Linux Enterprise Server 15 SP6 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | SUSE Linux Enterprise Server for SAP Applications 15 SP6 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | SUSE Linux Enterprise Server 12 SP5 | affected ? - < 0.183.0-15.18.1 |
SUSE | SUSE Linux Enterprise Server for SAP Applications 12 SP5 | affected ? - < 0.183.0-15.18.1 |
SUSE | SUSE Linux Enterprise Software Development Kit 12 SP5 | affected ? - < 0.183.0-15.18.1 |
SUSE | openSUSE Leap 15.5 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | openSUSE Leap 15.6 | affected ? - < 1.9.0-150400.10.6.1 |
SUSE | openSUSE Tumbleweed | affected ? - < 1.9.0-1.1 |
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now