SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors.
oryginał ENCVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:CSUSE Studio Extension For System Z
APPSuse1.3SUSE Studio Onsite
APPSuse1.31.3.11.3.21.3.31.3.41.3.5
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
CWE
Powiązane podatności
CVE-2014-7169CRITICAL9.8⚠ KEVten sam produkt
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the...
CVE-2014-6271CRITICAL9.8⚠ KEVten sam produkt
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variab...
CVE-2014-9846CRITICAL9.8ten sam produkt
Buffer overflow in the ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to...
CVE-2016-5118CRITICAL9.8ten sam produkt
The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and ImageMagick allows remote attackers to exe...
CVE-2016-0718CRITICAL9.8ten sam produkt
Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary co...