QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-46809

Back to search

CVE-2025-46809

Published: Jul 31, 2025

Modified: Sep 3, 2025

PUBLISHED

CVSS v3.1

5.7

MEDIUM

Description

A Plaintext Storage of a Password vulnerability in SUSE exposes the credentials for the HTTP proxy in the log files. This issue affects Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1: from ? before 4.3.33-150400.3.55.2; Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.7.23.1: from ? before 5.0.14-150600.4.17.1; Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.14-150600.4.17.1; Image SLES15-SP4-Manager-Proxy-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.33-150400.3.55.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.33-150400.3.55.2; SUSE Manager Proxy Module 4.3: from ? before 4.3.33-150400.3.55.2; SUSE Manager Server Module 4.3: from ? before 4.3.33-150400.3.55.2.

VendorProductVersions

SUSE

Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1

affected
? - < 4.3.33-150400.3.55.2

SUSE

Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.7.23.1

affected
? - < 5.0.14-150600.4.17.1

SUSE

Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1

affected
? - < 5.0.14-150600.4.17.1

SUSE

Image SLES15-SP4-Manager-Proxy-4-3-BYOS

affected
? - < 4.3.33-150400.3.55.2

SUSE

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure

affected
? - < 4.3.33-150400.3.55.2

SUSE

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2

affected
? - < 4.3.33-150400.3.55.2

SUSE

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE

affected
? - < 4.3.33-150400.3.55.2

SUSE

Image SLES15-SP4-Manager-Server-4-3-BYOS

affected
? - < 4.3.33-150400.3.55.2

SUSE

Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure

affected
? - < 4.3.33-150400.3.55.2

SUSE

Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2

affected
? - < 4.3.33-150400.3.55.2

SUSE

Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE

affected
? - < 4.3.33-150400.3.55.2

SUSE

SUSE Manager Proxy Module 4.3

affected
? - < 4.3.33-150400.3.55.2

SUSE

SUSE Manager Server Module 4.3

affected
? - < 4.3.33-150400.3.55.2

Weaknesses (CWE)

CWE-256

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now