CVE-2020-8028 (GCVE-0-2020-8028)
Vulnerability from cvelistv5
- CWE-284 - Improper Access Control
Vendor | Product | Version
---|---|---
SUSE | SUSE Linux Enterprise Module for SUSE Manager Server 4.1 | salt-netapi-client < 0.17.0-3.3.2
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T09:48:25.486Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175884" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "SUSE Linux Enterprise Module for SUSE Manager Server 4.1", "vendor": "SUSE", "versions": [ { "lessThan": "0.17.0-3.3.2", "status": "affected", "version": "salt-netapi-client", "versionType": "custom" } ] }, { "product": "SUSE Manager Server 3.2", "vendor": "SUSE", "versions": [ { "lessThan": "0.16.0-4.14.1", "status": "affected", "version": "salt-netapi-client", "versionType": "custom" } ] }, { "product": "SUSE Manager Server 4.0", "vendor": "SUSE", "versions": [ { "lessThan": "0.17.0-4.6.3", "status": "affected", "version": "salt-netapi-client", "versionType": "custom" } ] } ], "datePublic": "2020-09-16T00:00:00", "descriptions": [ { "lang": "en", "value": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. 
SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-284", "description": "CWE-284: Improper Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2020-09-17T08:45:16", "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "shortName": "suse" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175884" } ], "source": { "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1175884", "defect": [ "1175884" ], "discovery": "EXTERNAL" }, "title": "salt-api is accessible to every user on SUSE Manager Server", "x_generator": { "engine": "Vulnogram 0.0.9" }, "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2020-09-16T00:00:00.000Z", "ID": "CVE-2020-8028", "STATE": "PUBLIC", "TITLE": "salt-api is accessible to every user on SUSE Manager Server" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SUSE Linux Enterprise Module for SUSE Manager Server 4.1", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "salt-netapi-client", "version_value": "0.17.0-3.3.2" } ] } }, { "product_name": "SUSE Manager Server 3.2", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "salt-netapi-client", "version_value": "0.16.0-4.14.1" } ] } }, { "product_name": "SUSE Manager Server 4.0", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "salt-netapi-client", "version_value": 
"0.17.0-4.6.3" } ] } } ] }, "vendor_name": "SUSE" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1." 
} ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-284: Improper Access Control" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.suse.com/show_bug.cgi?id=1175884", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175884" } ] }, "source": { "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1175884", "defect": [ "1175884" ], "discovery": "EXTERNAL" } } } }, "cveMetadata": { "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb", "assignerShortName": "suse", "cveId": "CVE-2020-8028", "datePublished": "2020-09-17T08:45:16.816494Z", "dateReserved": "2020-01-27T00:00:00", "dateUpdated": "2024-09-17T03:54:59.705Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2020-8028\",\"sourceIdentifier\":\"meissner@suse.de\",\"published\":\"2020-09-17T10:15:15.323\",\"lastModified\":\"2024-11-21T05:38:15.073\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. 
This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad de control de acceso inapropiado en la configuraci\u00f3n de la sal de SUSE Linux Enterprise Module para SUSE Manager Server versi\u00f3n 4.1, SUSE Manager Proxy versi\u00f3n 4.0, SUSE Manager Retail Branch Server versi\u00f3n 4.0, SUSE Manager Server versi\u00f3n 3.2, SUSE Manager Server versi\u00f3n 4.0 permite a los usuarios locales escalar a root en todos los sistemas gestionados por el administrador de SUSE.\u0026#xa0;En el propio nodo de gesti\u00f3n, el c\u00f3digo se puede ejecutar como la sal de usuario, lo que potencialmente permite una escalada a root ah\u00ed.\u0026#xa0;Este problema afecta a: SUSE Linux Enterprise Module para SUSE Manager Server versiones 4.1 google-gson anteriores a 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-.\u0026#xa0;SUSE Manager Proxy versiones 4.0 release-notes-susemanager-proxy anteriores a 4.0.9-0.16.38.1.\u0026#xa0;SUSE Manager Retail Branch Server versiones 4.0 release-notes-susemanager-proxy anteriores a 4.0.9-0.16.38.1.\u0026#xa0;SUSE Manager Server versiones 3.\u0026#xa0;2 salt-netapi-client anteriores a 0.16.0-4.14.1, spacewalk-.\u0026#xa0;SUSE Manager Server versiones 4.0 release-notes-susemanager anteriores a 
4.0.9-3.54.1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"meissner@suse.de\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":6.0}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"meissner@suse.de\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-284\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:salt-netapi-client:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.17.0-3.3.2\",\"matchCriteriaId\":\"D48DA17
5-6217-4420-9E2D-F67ED6C2AB3E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5810E98-7BF5-42E2-9DE9-661049ABE367\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:salt-netapi-client:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.16.0-4.14.1\",\"matchCriteriaId\":\"56EC014D-79DA-4990-841C-901E4CD2D7D0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:suse:manager_server:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1F68F28-E248-4424-9AD8-0D6294B9666F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:suse:salt-netapi-client:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.17.0-4.6.3\",\"matchCriteriaId\":\"EC5421E8-063D-4467-A680-4A48E1C84AE8\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:a:suse:manager_server:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51136B38-5715-49B3-BD8D-91F90632247D\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1175884\",\"source\":\"meissner@suse.de\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1175884\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Vendor Advisory\"]}]}}" } }
gsd-2020-8028
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2020-8028", "description": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1.", "id": "GSD-2020-8028", "references": [ "https://www.suse.com/security/cve/CVE-2020-8028.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2020-8028" ], "details": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. 
SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1.", "id": "GSD-2020-8028", "modified": "2023-12-13T01:21:54.200129Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "security@suse.com", "DATE_PUBLIC": "2020-09-16T00:00:00.000Z", "ID": "CVE-2020-8028", "STATE": "PUBLIC", "TITLE": "salt-api is accessible to every user on SUSE Manager Server" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "SUSE Linux Enterprise Module for SUSE Manager Server 4.1", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "salt-netapi-client", "version_value": "0.17.0-3.3.2" } ] } }, { "product_name": "SUSE Manager Server 3.2", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "salt-netapi-client", "version_value": "0.16.0-4.14.1" } ] } }, { "product_name": "SUSE Manager Server 4.0", "version": { "version_data": [ { "version_affected": "\u003c", "version_name": "salt-netapi-client", "version_value": "0.17.0-4.6.3" } ] } } ] }, "vendor_name": "SUSE" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. 
This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1." } ] }, "generator": { "engine": "Vulnogram 0.0.9" }, "impact": { "cvss": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" } }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-284: Improper Access Control" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.suse.com/show_bug.cgi?id=1175884", "refsource": "CONFIRM", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175884" } ] }, "source": { "advisory": "https://bugzilla.suse.com/show_bug.cgi?id=1175884", "defect": [ "1175884" ], "discovery": "EXTERNAL" } }, "gitlab.com": { "advisories": [ { "affected_range": "[,0.16.0-4.14.1),[0.17.0,0.17.0-4.6.3)", "affected_versions": "All versions after 0.16.0-4.14.1 before 0.17.0-4.6.3", "cvss_v2": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "cvss_v3": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "cwe_ids": [ "CWE-1035", "CWE-284", "CWE-937" ], "date": "2020-09-28", "description": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server, SUSE Manager Proxy, SUSE Manager Retail Branch Server, SUSE Manager Server, SUSE Manager Server 
allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server google-gson, httpcomponents-client, httpcomponents, SUSE Manager Proxy release-notes-susemanager-proxy, SUSE Manager Retail Branch Server release-notes-susemanager-proxy, SUSE Manager Server salt-netapi-client, spacewalk, SUSE Manager Server release-notes-susemanager.", "fixed_versions": [ "0.16.0-4.14.1", "0.17.0-4.6.3" ], "identifier": "CVE-2020-8028", "identifiers": [ "CVE-2020-8028" ], "not_impacted": "All versions before 0.16.0-4.14.1, all versions after 0.17.0 before 0.17.0-4.6.3", "package_slug": "maven/com.suse.salt/salt-netapi-client", "pubdate": "2020-09-17", "solution": "Upgrade to versions 0.16.0-4.14.1, 0.17.0-4.6.3, or higher", "title": "Improper Access Control", "urls": [ "https://nvd.nist.gov/vuln/detail/CVE-2020-8028", "https://bugzilla.suse.com/show_bug.cgi?id=1175884" ], "uuid": "f533a007-621e-4780-a97f-17c068458c55" } ] }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:suse:salt-netapi-client:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "0.17.0-3.3.2", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:suse:salt-netapi-client:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "0.16.0-4.14.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:suse:manager_server:3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], 
"cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:suse:salt-netapi-client:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "0.17.0-4.6.3", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:suse:manager_server:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "security@suse.com", "ID": "CVE-2020-8028" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-284" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugzilla.suse.com/show_bug.cgi?id=1175884", "refsource": "CONFIRM", "tags": [ "Exploit", "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175884" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.5, "impactScore": 6.0 } }, "lastModifiedDate": "2020-09-28T19:43Z", "publishedDate": "2020-09-17T10:15Z" } } }
suse-su-2020:2647-1
Vulnerability from csaf_suse
Notes
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for for SUSE Manager 4.1", "title": "Title of the patch" }, { "category": "description", "text": "This update for SUSE Manager 4.1 fixes the following issues:\n\ngoogle-gson:\n\n- Use packages from SUSE:SLE-15-SP2:Update:Products:Manager41:Update to fix building other packages.\n\nhttpcomponents-client:\n\n- Use packages from SUSE:SLE-15-SP2:Update:Products:Manager41:Update to fix building other packages.\n\nhttpcomponents-core:\n\n- Use packages from SUSE:SLE-15-SP2:Update:Products:Manager41:Update to fix building other packages.\n\nsalt-netapi-client:\n\n- Refresh authentication module list to newer Salt versions\n\nspacewalk-admin:\n\n- Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)\n\nspacewalk-java:\n\n- Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)\n\nspacewalk-setup:\n\n- Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)\n\nvelocity:\n\n- Use packages from SUSE:SLE-15-SP2:Update:Products:Manager41:Update to fix building other packages.\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-2020-2647,SUSE-SLE-Module-SUSE-Manager-Server-4.1-2020-2647", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, 
"references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_2647-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2020:2647-1", "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20202647-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2020:2647-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2020-September/007434.html" }, { "category": "self", "summary": "SUSE Bug 1175884", "url": "https://bugzilla.suse.com/1175884" }, { "category": "self", "summary": "SUSE CVE CVE-2020-8028 page", "url": "https://www.suse.com/security/cve/CVE-2020-8028/" } ], "title": "Security update for for SUSE Manager 4.1", "tracking": { "current_release_date": "2020-09-16T12:22:50Z", "generator": { "date": "2020-09-16T12:22:50Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2020:2647-1", "initial_release_date": "2020-09-16T12:22:50Z", "revision_history": [ { "date": "2020-09-16T12:22:50Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "google-gson-2.8.5-3.4.3.noarch", "product": { "name": "google-gson-2.8.5-3.4.3.noarch", "product_id": "google-gson-2.8.5-3.4.3.noarch" } }, { "category": "product_version", "name": "google-gson-javadoc-2.8.5-3.4.3.noarch", "product": { "name": "google-gson-javadoc-2.8.5-3.4.3.noarch", "product_id": "google-gson-javadoc-2.8.5-3.4.3.noarch" } }, { "category": "product_version", "name": "httpcomponents-client-4.5.6-3.4.2.noarch", "product": { "name": "httpcomponents-client-4.5.6-3.4.2.noarch", "product_id": "httpcomponents-client-4.5.6-3.4.2.noarch" } }, { "category": "product_version", "name": 
"httpcomponents-client-cache-4.5.6-3.4.2.noarch", "product": { "name": "httpcomponents-client-cache-4.5.6-3.4.2.noarch", "product_id": "httpcomponents-client-cache-4.5.6-3.4.2.noarch" } }, { "category": "product_version", "name": "httpcomponents-client-javadoc-4.5.6-3.4.2.noarch", "product": { "name": "httpcomponents-client-javadoc-4.5.6-3.4.2.noarch", "product_id": "httpcomponents-client-javadoc-4.5.6-3.4.2.noarch" } }, { "category": "product_version", "name": "httpcomponents-core-4.4.10-3.4.2.noarch", "product": { "name": "httpcomponents-core-4.4.10-3.4.2.noarch", "product_id": "httpcomponents-core-4.4.10-3.4.2.noarch" } }, { "category": "product_version", "name": "httpcomponents-core-javadoc-4.4.10-3.4.2.noarch", "product": { "name": "httpcomponents-core-javadoc-4.4.10-3.4.2.noarch", "product_id": "httpcomponents-core-javadoc-4.4.10-3.4.2.noarch" } }, { "category": "product_version", "name": "salt-netapi-client-0.17.0-3.3.2.noarch", "product": { "name": "salt-netapi-client-0.17.0-3.3.2.noarch", "product_id": "salt-netapi-client-0.17.0-3.3.2.noarch" } }, { "category": "product_version", "name": "spacewalk-admin-4.1.6-3.3.3.noarch", "product": { "name": "spacewalk-admin-4.1.6-3.3.3.noarch", "product_id": "spacewalk-admin-4.1.6-3.3.3.noarch" } }, { "category": "product_version", "name": "spacewalk-java-4.1.19-3.8.2.noarch", "product": { "name": "spacewalk-java-4.1.19-3.8.2.noarch", "product_id": "spacewalk-java-4.1.19-3.8.2.noarch" } }, { "category": "product_version", "name": "spacewalk-java-apidoc-sources-4.1.19-3.8.2.noarch", "product": { "name": "spacewalk-java-apidoc-sources-4.1.19-3.8.2.noarch", "product_id": "spacewalk-java-apidoc-sources-4.1.19-3.8.2.noarch" } }, { "category": "product_version", "name": "spacewalk-java-config-4.1.19-3.8.2.noarch", "product": { "name": "spacewalk-java-config-4.1.19-3.8.2.noarch", "product_id": "spacewalk-java-config-4.1.19-3.8.2.noarch" } }, { "category": "product_version", "name": "spacewalk-java-lib-4.1.19-3.8.2.noarch", 
"product": { "name": "spacewalk-java-lib-4.1.19-3.8.2.noarch", "product_id": "spacewalk-java-lib-4.1.19-3.8.2.noarch" } }, { "category": "product_version", "name": "spacewalk-java-postgresql-4.1.19-3.8.2.noarch", "product": { "name": "spacewalk-java-postgresql-4.1.19-3.8.2.noarch", "product_id": "spacewalk-java-postgresql-4.1.19-3.8.2.noarch" } }, { "category": "product_version", "name": "spacewalk-setup-4.1.6-3.3.2.noarch", "product": { "name": "spacewalk-setup-4.1.6-3.3.2.noarch", "product_id": "spacewalk-setup-4.1.6-3.3.2.noarch" } }, { "category": "product_version", "name": "spacewalk-taskomatic-4.1.19-3.8.2.noarch", "product": { "name": "spacewalk-taskomatic-4.1.19-3.8.2.noarch", "product_id": "spacewalk-taskomatic-4.1.19-3.8.2.noarch" } }, { "category": "product_version", "name": "velocity-1.7-11.4.3.noarch", "product": { "name": "velocity-1.7-11.4.3.noarch", "product_id": "velocity-1.7-11.4.3.noarch" } }, { "category": "product_version", "name": "velocity-demo-1.7-11.4.3.noarch", "product": { "name": "velocity-demo-1.7-11.4.3.noarch", "product_id": "velocity-demo-1.7-11.4.3.noarch" } }, { "category": "product_version", "name": "velocity-javadoc-1.7-11.4.3.noarch", "product": { "name": "velocity-javadoc-1.7-11.4.3.noarch", "product_id": "velocity-javadoc-1.7-11.4.3.noarch" } }, { "category": "product_version", "name": "velocity-manual-1.7-11.4.3.noarch", "product": { "name": "velocity-manual-1.7-11.4.3.noarch", "product_id": "velocity-manual-1.7-11.4.3.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_name", "name": "SUSE Manager Server Module 4.1", "product": { "name": "SUSE Manager Server Module 4.1", "product_id": "SUSE Manager Server Module 4.1", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-module-suse-manager-server:4.1" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": 
"default_component_of", "full_product_name": { "name": "google-gson-2.8.5-3.4.3.noarch as component of SUSE Manager Server Module 4.1", "product_id": "SUSE Manager Server Module 4.1:google-gson-2.8.5-3.4.3.noarch" }, "product_reference": "google-gson-2.8.5-3.4.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.1" }, { "category": "default_component_of", "full_product_name": { "name": "httpcomponents-client-4.5.6-3.4.2.noarch as component of SUSE Manager Server Module 4.1", "product_id": "SUSE Manager Server Module 4.1:httpcomponents-client-4.5.6-3.4.2.noarch" }, "product_reference": "httpcomponents-client-4.5.6-3.4.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.1" }, { "category": "default_component_of", "full_product_name": { "name": "httpcomponents-core-4.4.10-3.4.2.noarch as component of SUSE Manager Server Module 4.1", "product_id": "SUSE Manager Server Module 4.1:httpcomponents-core-4.4.10-3.4.2.noarch" }, "product_reference": "httpcomponents-core-4.4.10-3.4.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.1" }, { "category": "default_component_of", "full_product_name": { "name": "salt-netapi-client-0.17.0-3.3.2.noarch as component of SUSE Manager Server Module 4.1", "product_id": "SUSE Manager Server Module 4.1:salt-netapi-client-0.17.0-3.3.2.noarch" }, "product_reference": "salt-netapi-client-0.17.0-3.3.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.1" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-admin-4.1.6-3.3.3.noarch as component of SUSE Manager Server Module 4.1", "product_id": "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.6-3.3.3.noarch" }, "product_reference": "spacewalk-admin-4.1.6-3.3.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.1" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-4.1.19-3.8.2.noarch as component of SUSE Manager Server Module 
4.1", "product_id": "SUSE Manager Server Module 4.1:spacewalk-java-4.1.19-3.8.2.noarch" }, "product_reference": "spacewalk-java-4.1.19-3.8.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.1" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-config-4.1.19-3.8.2.noarch as component of SUSE Manager Server Module 4.1", "product_id": "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.19-3.8.2.noarch" }, "product_reference": "spacewalk-java-config-4.1.19-3.8.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.1" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-lib-4.1.19-3.8.2.noarch as component of SUSE Manager Server Module 4.1", "product_id": "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.19-3.8.2.noarch" }, "product_reference": "spacewalk-java-lib-4.1.19-3.8.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.1" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-postgresql-4.1.19-3.8.2.noarch as component of SUSE Manager Server Module 4.1", "product_id": "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.19-3.8.2.noarch" }, "product_reference": "spacewalk-java-postgresql-4.1.19-3.8.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.1" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-setup-4.1.6-3.3.2.noarch as component of SUSE Manager Server Module 4.1", "product_id": "SUSE Manager Server Module 4.1:spacewalk-setup-4.1.6-3.3.2.noarch" }, "product_reference": "spacewalk-setup-4.1.6-3.3.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.1" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-taskomatic-4.1.19-3.8.2.noarch as component of SUSE Manager Server Module 4.1", "product_id": "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.19-3.8.2.noarch" }, 
"product_reference": "spacewalk-taskomatic-4.1.19-3.8.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.1" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-8028", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2020-8028" } ], "notes": [ { "category": "general", "text": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. 
SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Manager Server Module 4.1:google-gson-2.8.5-3.4.3.noarch", "SUSE Manager Server Module 4.1:httpcomponents-client-4.5.6-3.4.2.noarch", "SUSE Manager Server Module 4.1:httpcomponents-core-4.4.10-3.4.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.17.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.6-3.3.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.19-3.8.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.19-3.8.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.19-3.8.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.19-3.8.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-setup-4.1.6-3.3.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.19-3.8.2.noarch" ] }, "references": [ { "category": "external", "summary": "CVE-2020-8028", "url": "https://www.suse.com/security/cve/CVE-2020-8028" }, { "category": "external", "summary": "SUSE Bug 1175884 for CVE-2020-8028", "url": "https://bugzilla.suse.com/1175884" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Manager Server Module 4.1:google-gson-2.8.5-3.4.3.noarch", "SUSE Manager Server Module 4.1:httpcomponents-client-4.5.6-3.4.2.noarch", "SUSE Manager Server Module 4.1:httpcomponents-core-4.4.10-3.4.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.17.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.6-3.3.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.19-3.8.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.19-3.8.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.19-3.8.2.noarch", "SUSE 
Manager Server Module 4.1:spacewalk-java-postgresql-4.1.19-3.8.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-setup-4.1.6-3.3.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.19-3.8.2.noarch" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Manager Server Module 4.1:google-gson-2.8.5-3.4.3.noarch", "SUSE Manager Server Module 4.1:httpcomponents-client-4.5.6-3.4.2.noarch", "SUSE Manager Server Module 4.1:httpcomponents-core-4.4.10-3.4.2.noarch", "SUSE Manager Server Module 4.1:salt-netapi-client-0.17.0-3.3.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-admin-4.1.6-3.3.3.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-4.1.19-3.8.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-config-4.1.19-3.8.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-lib-4.1.19-3.8.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-java-postgresql-4.1.19-3.8.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-setup-4.1.6-3.3.2.noarch", "SUSE Manager Server Module 4.1:spacewalk-taskomatic-4.1.19-3.8.2.noarch" ] } ], "threats": [ { "category": "impact", "date": "2020-09-16T12:22:50Z", "details": "important" } ], "title": "CVE-2020-8028" } ] }
suse-su-2020:2648-1
Vulnerability from csaf_suse
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for SUSE Manager 3.2", "title": "Title of the patch" }, { "category": "description", "text": "This update for SUSE Manager 3.2 fixes the following issues:\n\nsalt-netapi-client:\n\n- Refresh authentication module list to newer Salt versions\n\nspacewalk-admin:\n\n- Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)\n\nspacewalk-java:\n\n- Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)\n\nspacewalk-setup:\n\n- Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-2020-2648,SUSE-SUSE-Manager-Server-3.2-2020-2648", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_2648-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2020:2648-1", "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20202648-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2020:2648-1", "url": 
"https://lists.suse.com/pipermail/sle-security-updates/2020-September/007433.html" }, { "category": "self", "summary": "SUSE Bug 1175884", "url": "https://bugzilla.suse.com/1175884" }, { "category": "self", "summary": "SUSE CVE CVE-2020-8028 page", "url": "https://www.suse.com/security/cve/CVE-2020-8028/" } ], "title": "Security update for SUSE Manager 3.2", "tracking": { "current_release_date": "2020-09-16T12:23:03Z", "generator": { "date": "2020-09-16T12:23:03Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2020:2648-1", "initial_release_date": "2020-09-16T12:23:03Z", "revision_history": [ { "date": "2020-09-16T12:23:03Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "salt-netapi-client-0.16.0-4.14.1.noarch", "product": { "name": "salt-netapi-client-0.16.0-4.14.1.noarch", "product_id": "salt-netapi-client-0.16.0-4.14.1.noarch" } }, { "category": "product_version", "name": "spacewalk-admin-2.8.4.7-3.15.1.noarch", "product": { "name": "spacewalk-admin-2.8.4.7-3.15.1.noarch", "product_id": "spacewalk-admin-2.8.4.7-3.15.1.noarch" } }, { "category": "product_version", "name": "spacewalk-java-2.8.78.30-3.53.1.noarch", "product": { "name": "spacewalk-java-2.8.78.30-3.53.1.noarch", "product_id": "spacewalk-java-2.8.78.30-3.53.1.noarch" } }, { "category": "product_version", "name": "spacewalk-java-apidoc-sources-2.8.78.30-3.53.1.noarch", "product": { "name": "spacewalk-java-apidoc-sources-2.8.78.30-3.53.1.noarch", "product_id": "spacewalk-java-apidoc-sources-2.8.78.30-3.53.1.noarch" } }, { "category": "product_version", "name": "spacewalk-java-config-2.8.78.30-3.53.1.noarch", "product": { "name": "spacewalk-java-config-2.8.78.30-3.53.1.noarch", "product_id": "spacewalk-java-config-2.8.78.30-3.53.1.noarch" } }, { "category": "product_version", "name": 
"spacewalk-java-lib-2.8.78.30-3.53.1.noarch", "product": { "name": "spacewalk-java-lib-2.8.78.30-3.53.1.noarch", "product_id": "spacewalk-java-lib-2.8.78.30-3.53.1.noarch" } }, { "category": "product_version", "name": "spacewalk-java-oracle-2.8.78.30-3.53.1.noarch", "product": { "name": "spacewalk-java-oracle-2.8.78.30-3.53.1.noarch", "product_id": "spacewalk-java-oracle-2.8.78.30-3.53.1.noarch" } }, { "category": "product_version", "name": "spacewalk-java-postgresql-2.8.78.30-3.53.1.noarch", "product": { "name": "spacewalk-java-postgresql-2.8.78.30-3.53.1.noarch", "product_id": "spacewalk-java-postgresql-2.8.78.30-3.53.1.noarch" } }, { "category": "product_version", "name": "spacewalk-setup-2.8.7.11-3.28.1.noarch", "product": { "name": "spacewalk-setup-2.8.7.11-3.28.1.noarch", "product_id": "spacewalk-setup-2.8.7.11-3.28.1.noarch" } }, { "category": "product_version", "name": "spacewalk-taskomatic-2.8.78.30-3.53.1.noarch", "product": { "name": "spacewalk-taskomatic-2.8.78.30-3.53.1.noarch", "product_id": "spacewalk-taskomatic-2.8.78.30-3.53.1.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_name", "name": "SUSE Manager Server 3.2", "product": { "name": "SUSE Manager Server 3.2", "product_id": "SUSE Manager Server 3.2", "product_identification_helper": { "cpe": "cpe:/o:suse:suse-manager-server:3.2" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "salt-netapi-client-0.16.0-4.14.1.noarch as component of SUSE Manager Server 3.2", "product_id": "SUSE Manager Server 3.2:salt-netapi-client-0.16.0-4.14.1.noarch" }, "product_reference": "salt-netapi-client-0.16.0-4.14.1.noarch", "relates_to_product_reference": "SUSE Manager Server 3.2" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-admin-2.8.4.7-3.15.1.noarch as component of SUSE 
Manager Server 3.2", "product_id": "SUSE Manager Server 3.2:spacewalk-admin-2.8.4.7-3.15.1.noarch" }, "product_reference": "spacewalk-admin-2.8.4.7-3.15.1.noarch", "relates_to_product_reference": "SUSE Manager Server 3.2" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-2.8.78.30-3.53.1.noarch as component of SUSE Manager Server 3.2", "product_id": "SUSE Manager Server 3.2:spacewalk-java-2.8.78.30-3.53.1.noarch" }, "product_reference": "spacewalk-java-2.8.78.30-3.53.1.noarch", "relates_to_product_reference": "SUSE Manager Server 3.2" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-config-2.8.78.30-3.53.1.noarch as component of SUSE Manager Server 3.2", "product_id": "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.30-3.53.1.noarch" }, "product_reference": "spacewalk-java-config-2.8.78.30-3.53.1.noarch", "relates_to_product_reference": "SUSE Manager Server 3.2" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-lib-2.8.78.30-3.53.1.noarch as component of SUSE Manager Server 3.2", "product_id": "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.30-3.53.1.noarch" }, "product_reference": "spacewalk-java-lib-2.8.78.30-3.53.1.noarch", "relates_to_product_reference": "SUSE Manager Server 3.2" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-oracle-2.8.78.30-3.53.1.noarch as component of SUSE Manager Server 3.2", "product_id": "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.30-3.53.1.noarch" }, "product_reference": "spacewalk-java-oracle-2.8.78.30-3.53.1.noarch", "relates_to_product_reference": "SUSE Manager Server 3.2" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-postgresql-2.8.78.30-3.53.1.noarch as component of SUSE Manager Server 3.2", "product_id": "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.30-3.53.1.noarch" }, "product_reference": 
"spacewalk-java-postgresql-2.8.78.30-3.53.1.noarch", "relates_to_product_reference": "SUSE Manager Server 3.2" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-setup-2.8.7.11-3.28.1.noarch as component of SUSE Manager Server 3.2", "product_id": "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.11-3.28.1.noarch" }, "product_reference": "spacewalk-setup-2.8.7.11-3.28.1.noarch", "relates_to_product_reference": "SUSE Manager Server 3.2" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-taskomatic-2.8.78.30-3.53.1.noarch as component of SUSE Manager Server 3.2", "product_id": "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.30-3.53.1.noarch" }, "product_reference": "spacewalk-taskomatic-2.8.78.30-3.53.1.noarch", "relates_to_product_reference": "SUSE Manager Server 3.2" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-8028", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2020-8028" } ], "notes": [ { "category": "general", "text": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. 
SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Manager Server 3.2:salt-netapi-client-0.16.0-4.14.1.noarch", "SUSE Manager Server 3.2:spacewalk-admin-2.8.4.7-3.15.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.11-3.28.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.30-3.53.1.noarch" ] }, "references": [ { "category": "external", "summary": "CVE-2020-8028", "url": "https://www.suse.com/security/cve/CVE-2020-8028" }, { "category": "external", "summary": "SUSE Bug 1175884 for CVE-2020-8028", "url": "https://bugzilla.suse.com/1175884" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Manager Server 3.2:salt-netapi-client-0.16.0-4.14.1.noarch", "SUSE Manager Server 3.2:spacewalk-admin-2.8.4.7-3.15.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.11-3.28.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.30-3.53.1.noarch" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": 
"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Manager Server 3.2:salt-netapi-client-0.16.0-4.14.1.noarch", "SUSE Manager Server 3.2:spacewalk-admin-2.8.4.7-3.15.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-config-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-lib-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-oracle-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-java-postgresql-2.8.78.30-3.53.1.noarch", "SUSE Manager Server 3.2:spacewalk-setup-2.8.7.11-3.28.1.noarch", "SUSE Manager Server 3.2:spacewalk-taskomatic-2.8.78.30-3.53.1.noarch" ] } ], "threats": [ { "category": "impact", "date": "2020-09-16T12:23:03Z", "details": "important" } ], "title": "CVE-2020-8028" } ] }
suse-su-2020:2650-1
Vulnerability from csaf_suse
{ "document": { "aggregate_severity": { "namespace": "https://www.suse.com/support/security/rating/", "text": "important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright 2024 SUSE LLC. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Security update for SUSE Manager Server 4.0", "title": "Title of the patch" }, { "category": "description", "text": "\nThis update fixes the following issues:\n\nhibernate5:\n\n- Address CVE-2019-14900 (bsc#1172079)\n\nimage-sync-formula:\n\n- Allow image-sync state on regular minion.\n Image sync state requires branch-network pillars to get the directory\n where to sync images. Use default `/srv/saltboot` if that pillar is\n missing so image-sync can be applied on non branch minions as well.\n\nopenvpn-formula:\n\n- Add hint that ssl certs must be on system (bsc#1172279)\n\nprometheus-exporters-formula:\n\n- Bugfix: Handle exporters proxy for unsupported distros (bsc#1175555)\n- Add support for exporters proxy (exporter_exporter)\n- Update the apache exporter config file for Debian\n\nsalt-netapi-client:\n\n- Refresh authentication module list to newer Salt versions\n\nsaltboot-formula:\n\n- Better fix for rounding errors (bsc#1136857)\n\nspacecmd:\n\n- Python3 fixes for errata in spacecmd (bsc#1169664)\n- Python3 fix for sorted usage (bsc#1167907)\n- Fix softwarechannel_listlatestpackages throwing error on empty channels (bsc#1175889)\n- Fix escaping of package names (bsc#1171281)\n\nspacewalk-admin:\n\n- Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)\n\nspacewalk-certs-tools:\n\n- Add option --nostricthostkeychecking to spacewalk-ssh-push-init\n- Strip SSL Certificate Common Name after 63 Characters (bsc#1173535)\n\nspacewalk-java:\n\n- Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)\n- Fix EntityExistsException 
on migration from traditional to salt minion via proxy (bsc#1175556)\n- Use media.1/products from media when not specified different (bsc#1175558)\n- Fix: use quiet API method when using spacewalk-common-channels (bsc#1175529)\n- Fix alignment on icon on entitlement page\n- Reset the server path on minion registration (bsc#1174254)\n- Upgrade jQuery and adapt the code - CVE-2020-11022 (bsc#1172831)\n- Fix error when rolling back a system to a snapshot (bsc#1173997)\n- Avoid deadlock when syncing channels and registering minions at the same time (bsc#1173566)\n- Provide comps.xml and modules.yaml when using onlinerepo for kickstart\n- Set CPU and memory info for virtual instances (bsc#1170244)\n- Change system list header text to something better (bsc#1173982)\n\nspacewalk-setup:\n\n- Use the Salt API in authenticated and encrypted form (bsc#1175884, CVE-2020-8028)\n\nspacewalk-utils:\n\n- Avoid exceptions on the logs when looking for channels that do\n not exist (bsc#1175529)\n\nspacewalk-web:\n\n- Fix login page after jQuery upgrade (bsc#1175224)\n- Upgrade jQuery and adapt the code - CVE-2020-11022 (bsc#1172831)\n- Warn when a system is in multiple groups that configure the same\n formula in the system formula\u0027s UI (bsc#1173554)\n\nsusemanager:\n\n- Define bootstrap repo data for SUSE Manager Proxies (bsc#1174470)\n\nsusemanager-frontend-libs:\n\n- Upgrade jquery to 3.5.1 - CVE-2020-11022 (bsc#1172831) \n\nsusemanager-schema:\n\n- Prevent a deadlock error involving delete_server and update_needed_cache (bsc#1173073)\n\nsusemanager-sls:\n\n- Fix the dnf plugin to add the token to the HTTP header (bsc#1175724)\n- Fix reporting of missing products in product.all_installed (bsc#1165829)\n- Require PyYAML version \u003e= 5.1\n- Get redhat-release only when it is not a symlink\n- Fix: supply a dnf base when dealing w/repos (bsc#1172504)\n- Fix: autorefresh in repos is zypper-only\n\nsusemanager-sync-data:\n\n- Remove version from centos and oracle linux identifier 
(bsc#1173584)\n\nvirtualization-host-formula:\n\n- Update to version 0.5\n - Ensure kernel-default and libvirt-python3 are installed\n - Set bridge network as default\n - Fix conditionals (bsc#1175791)\n\nHow to apply this update:\n1. Log in as root user to the SUSE Manager server.\n2. Stop the Spacewalk service:\nspacewalk-service stop\n3. Apply the patch using either zypper patch or YaST Online Update.\n4. Upgrade the database schema:\nspacewalk-schema-upgrade\n5. Start the Spacewalk service:\nspacewalk-service start\n", "title": "Description of the patch" }, { "category": "details", "text": "SUSE-2020-2650,SUSE-SLE-Module-SUSE-Manager-Proxy-4.0-2020-2650,SUSE-SLE-Module-SUSE-Manager-Server-4.0-2020-2650", "title": "Patchnames" }, { "category": "legal_disclaimer", "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", "title": "Terms of use" } ], "publisher": { "category": "vendor", "contact_details": "https://www.suse.com/support/security/contact/", "name": "SUSE Product Security Team", "namespace": "https://www.suse.com/" }, "references": [ { "category": "external", "summary": "SUSE ratings", "url": "https://www.suse.com/support/security/rating/" }, { "category": "self", "summary": "URL of this CSAF notice", "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_2650-1.json" }, { "category": "self", "summary": "URL for SUSE-SU-2020:2650-1", "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20202650-1/" }, { "category": "self", "summary": "E-Mail link for SUSE-SU-2020:2650-1", "url": "https://lists.suse.com/pipermail/sle-security-updates/2020-September/007435.html" }, { "category": "self", "summary": "SUSE Bug 1136857", "url": "https://bugzilla.suse.com/1136857" }, { "category": "self", "summary": "SUSE Bug 1165829", "url": "https://bugzilla.suse.com/1165829" }, { "category": "self", "summary": "SUSE Bug 1167907", "url": "https://bugzilla.suse.com/1167907" }, { 
"category": "self", "summary": "SUSE Bug 1169664", "url": "https://bugzilla.suse.com/1169664" }, { "category": "self", "summary": "SUSE Bug 1170244", "url": "https://bugzilla.suse.com/1170244" }, { "category": "self", "summary": "SUSE Bug 1171281", "url": "https://bugzilla.suse.com/1171281" }, { "category": "self", "summary": "SUSE Bug 1172079", "url": "https://bugzilla.suse.com/1172079" }, { "category": "self", "summary": "SUSE Bug 1172279", "url": "https://bugzilla.suse.com/1172279" }, { "category": "self", "summary": "SUSE Bug 1172504", "url": "https://bugzilla.suse.com/1172504" }, { "category": "self", "summary": "SUSE Bug 1172831", "url": "https://bugzilla.suse.com/1172831" }, { "category": "self", "summary": "SUSE Bug 1173073", "url": "https://bugzilla.suse.com/1173073" }, { "category": "self", "summary": "SUSE Bug 1173535", "url": "https://bugzilla.suse.com/1173535" }, { "category": "self", "summary": "SUSE Bug 1173554", "url": "https://bugzilla.suse.com/1173554" }, { "category": "self", "summary": "SUSE Bug 1173566", "url": "https://bugzilla.suse.com/1173566" }, { "category": "self", "summary": "SUSE Bug 1173584", "url": "https://bugzilla.suse.com/1173584" }, { "category": "self", "summary": "SUSE Bug 1173982", "url": "https://bugzilla.suse.com/1173982" }, { "category": "self", "summary": "SUSE Bug 1173997", "url": "https://bugzilla.suse.com/1173997" }, { "category": "self", "summary": "SUSE Bug 1174254", "url": "https://bugzilla.suse.com/1174254" }, { "category": "self", "summary": "SUSE Bug 1174470", "url": "https://bugzilla.suse.com/1174470" }, { "category": "self", "summary": "SUSE Bug 1175224", "url": "https://bugzilla.suse.com/1175224" }, { "category": "self", "summary": "SUSE Bug 1175529", "url": "https://bugzilla.suse.com/1175529" }, { "category": "self", "summary": "SUSE Bug 1175555", "url": "https://bugzilla.suse.com/1175555" }, { "category": "self", "summary": "SUSE Bug 1175556", "url": "https://bugzilla.suse.com/1175556" }, { "category": "self", 
"summary": "SUSE Bug 1175558", "url": "https://bugzilla.suse.com/1175558" }, { "category": "self", "summary": "SUSE Bug 1175724", "url": "https://bugzilla.suse.com/1175724" }, { "category": "self", "summary": "SUSE Bug 1175791", "url": "https://bugzilla.suse.com/1175791" }, { "category": "self", "summary": "SUSE Bug 1175884", "url": "https://bugzilla.suse.com/1175884" }, { "category": "self", "summary": "SUSE Bug 1175889", "url": "https://bugzilla.suse.com/1175889" }, { "category": "self", "summary": "SUSE CVE CVE-2019-14900 page", "url": "https://www.suse.com/security/cve/CVE-2019-14900/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-11022 page", "url": "https://www.suse.com/security/cve/CVE-2020-11022/" }, { "category": "self", "summary": "SUSE CVE CVE-2020-8028 page", "url": "https://www.suse.com/security/cve/CVE-2020-8028/" } ], "title": "Security update for SUSE Manager Server 4.0", "tracking": { "current_release_date": "2020-09-16T12:24:27Z", "generator": { "date": "2020-09-16T12:24:27Z", "engine": { "name": "cve-database.git:bin/generate-csaf.pl", "version": "1" } }, "id": "SUSE-SU-2020:2650-1", "initial_release_date": "2020-09-16T12:24:27Z", "revision_history": [ { "date": "2020-09-16T12:24:27Z", "number": "1", "summary": "Current version" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "openvpn-formula-0.1.1-4.6.2.aarch64", "product": { "name": "openvpn-formula-0.1.1-4.6.2.aarch64", "product_id": "openvpn-formula-0.1.1-4.6.2.aarch64" } }, { "category": "product_version", "name": "susemanager-4.0.28-3.36.3.aarch64", "product": { "name": "susemanager-4.0.28-3.36.3.aarch64", "product_id": "susemanager-4.0.28-3.36.3.aarch64" } }, { "category": "product_version", "name": "susemanager-tools-4.0.28-3.36.3.aarch64", "product": { "name": "susemanager-tools-4.0.28-3.36.3.aarch64", "product_id": "susemanager-tools-4.0.28-3.36.3.aarch64" } } ], "category": 
"architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "hibernate5-5.3.7-4.3.2.noarch", "product": { "name": "hibernate5-5.3.7-4.3.2.noarch", "product_id": "hibernate5-5.3.7-4.3.2.noarch" } }, { "category": "product_version", "name": "image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "product": { "name": "image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "product_id": "image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch" } }, { "category": "product_version", "name": "prometheus-exporters-formula-0.7.1-3.10.2.noarch", "product": { "name": "prometheus-exporters-formula-0.7.1-3.10.2.noarch", "product_id": "prometheus-exporters-formula-0.7.1-3.10.2.noarch" } }, { "category": "product_version", "name": "python2-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "product": { "name": "python2-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "product_id": "python2-spacewalk-certs-tools-4.0.17-3.21.3.noarch" } }, { "category": "product_version", "name": "python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "product": { "name": "python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "product_id": "python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch" } }, { "category": "product_version", "name": "salt-netapi-client-0.17.0-4.6.3.noarch", "product": { "name": "salt-netapi-client-0.17.0-4.6.3.noarch", "product_id": "salt-netapi-client-0.17.0-4.6.3.noarch" } }, { "category": "product_version", "name": "saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "product": { "name": "saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "product_id": "saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch" } }, { "category": "product_version", "name": "spacecmd-4.0.20-3.19.2.noarch", "product": { "name": "spacecmd-4.0.20-3.19.2.noarch", "product_id": "spacecmd-4.0.20-3.19.2.noarch" } }, { "category": "product_version", "name": "spacewalk-admin-4.0.11-3.12.1.noarch", "product": { "name": "spacewalk-admin-4.0.11-3.12.1.noarch", 
"product_id": "spacewalk-admin-4.0.11-3.12.1.noarch" } }, { "category": "product_version", "name": "spacewalk-base-4.0.23-3.30.3.noarch", "product": { "name": "spacewalk-base-4.0.23-3.30.3.noarch", "product_id": "spacewalk-base-4.0.23-3.30.3.noarch" } }, { "category": "product_version", "name": "spacewalk-base-minimal-4.0.23-3.30.3.noarch", "product": { "name": "spacewalk-base-minimal-4.0.23-3.30.3.noarch", "product_id": "spacewalk-base-minimal-4.0.23-3.30.3.noarch" } }, { "category": "product_version", "name": "spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "product": { "name": "spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "product_id": "spacewalk-base-minimal-config-4.0.23-3.30.3.noarch" } }, { "category": "product_version", "name": "spacewalk-certs-tools-4.0.17-3.21.3.noarch", "product": { "name": "spacewalk-certs-tools-4.0.17-3.21.3.noarch", "product_id": "spacewalk-certs-tools-4.0.17-3.21.3.noarch" } }, { "category": "product_version", "name": "spacewalk-dobby-4.0.23-3.30.3.noarch", "product": { "name": "spacewalk-dobby-4.0.23-3.30.3.noarch", "product_id": "spacewalk-dobby-4.0.23-3.30.3.noarch" } }, { "category": "product_version", "name": "spacewalk-html-4.0.23-3.30.3.noarch", "product": { "name": "spacewalk-html-4.0.23-3.30.3.noarch", "product_id": "spacewalk-html-4.0.23-3.30.3.noarch" } }, { "category": "product_version", "name": "spacewalk-java-4.0.37-3.39.1.noarch", "product": { "name": "spacewalk-java-4.0.37-3.39.1.noarch", "product_id": "spacewalk-java-4.0.37-3.39.1.noarch" } }, { "category": "product_version", "name": "spacewalk-java-apidoc-sources-4.0.37-3.39.1.noarch", "product": { "name": "spacewalk-java-apidoc-sources-4.0.37-3.39.1.noarch", "product_id": "spacewalk-java-apidoc-sources-4.0.37-3.39.1.noarch" } }, { "category": "product_version", "name": "spacewalk-java-config-4.0.37-3.39.1.noarch", "product": { "name": "spacewalk-java-config-4.0.37-3.39.1.noarch", "product_id": "spacewalk-java-config-4.0.37-3.39.1.noarch" } }, { 
"category": "product_version", "name": "spacewalk-java-lib-4.0.37-3.39.1.noarch", "product": { "name": "spacewalk-java-lib-4.0.37-3.39.1.noarch", "product_id": "spacewalk-java-lib-4.0.37-3.39.1.noarch" } }, { "category": "product_version", "name": "spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "product": { "name": "spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "product_id": "spacewalk-java-postgresql-4.0.37-3.39.1.noarch" } }, { "category": "product_version", "name": "spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "product": { "name": "spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "product_id": "spacewalk-proxy-broker-4.0.14-3.10.3.noarch" } }, { "category": "product_version", "name": "spacewalk-proxy-common-4.0.14-3.10.3.noarch", "product": { "name": "spacewalk-proxy-common-4.0.14-3.10.3.noarch", "product_id": "spacewalk-proxy-common-4.0.14-3.10.3.noarch" } }, { "category": "product_version", "name": "spacewalk-proxy-management-4.0.14-3.10.3.noarch", "product": { "name": "spacewalk-proxy-management-4.0.14-3.10.3.noarch", "product_id": "spacewalk-proxy-management-4.0.14-3.10.3.noarch" } }, { "category": "product_version", "name": "spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "product": { "name": "spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "product_id": "spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch" } }, { "category": "product_version", "name": "spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "product": { "name": "spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "product_id": "spacewalk-proxy-redirect-4.0.14-3.10.3.noarch" } }, { "category": "product_version", "name": "spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "product": { "name": "spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "product_id": "spacewalk-proxy-salt-4.0.14-3.10.3.noarch" } }, { "category": "product_version", "name": "spacewalk-setup-4.0.14-3.14.1.noarch", "product": { "name": "spacewalk-setup-4.0.14-3.14.1.noarch", "product_id": "spacewalk-setup-4.0.14-3.14.1.noarch" } 
}, { "category": "product_version", "name": "spacewalk-taskomatic-4.0.37-3.39.1.noarch", "product": { "name": "spacewalk-taskomatic-4.0.37-3.39.1.noarch", "product_id": "spacewalk-taskomatic-4.0.37-3.39.1.noarch" } }, { "category": "product_version", "name": "spacewalk-utils-4.0.18-3.21.3.noarch", "product": { "name": "spacewalk-utils-4.0.18-3.21.3.noarch", "product_id": "spacewalk-utils-4.0.18-3.21.3.noarch" } }, { "category": "product_version", "name": "susemanager-frontend-libs-4.0.2-4.3.2.noarch", "product": { "name": "susemanager-frontend-libs-4.0.2-4.3.2.noarch", "product_id": "susemanager-frontend-libs-4.0.2-4.3.2.noarch" } }, { "category": "product_version", "name": "susemanager-frontend-libs-devel-4.0.2-4.3.2.noarch", "product": { "name": "susemanager-frontend-libs-devel-4.0.2-4.3.2.noarch", "product_id": "susemanager-frontend-libs-devel-4.0.2-4.3.2.noarch" } }, { "category": "product_version", "name": "susemanager-schema-4.0.22-3.29.2.noarch", "product": { "name": "susemanager-schema-4.0.22-3.29.2.noarch", "product_id": "susemanager-schema-4.0.22-3.29.2.noarch" } }, { "category": "product_version", "name": "susemanager-schema-sanity-4.0.22-3.29.2.noarch", "product": { "name": "susemanager-schema-sanity-4.0.22-3.29.2.noarch", "product_id": "susemanager-schema-sanity-4.0.22-3.29.2.noarch" } }, { "category": "product_version", "name": "susemanager-sls-4.0.29-3.31.3.noarch", "product": { "name": "susemanager-sls-4.0.29-3.31.3.noarch", "product_id": "susemanager-sls-4.0.29-3.31.3.noarch" } }, { "category": "product_version", "name": "susemanager-sync-data-4.0.18-3.24.2.noarch", "product": { "name": "susemanager-sync-data-4.0.18-3.24.2.noarch", "product_id": "susemanager-sync-data-4.0.18-3.24.2.noarch" } }, { "category": "product_version", "name": "susemanager-web-libs-4.0.23-3.30.3.noarch", "product": { "name": "susemanager-web-libs-4.0.23-3.30.3.noarch", "product_id": "susemanager-web-libs-4.0.23-3.30.3.noarch" } }, { "category": "product_version", "name": 
"virtualization-host-formula-0.5-4.12.3.noarch", "product": { "name": "virtualization-host-formula-0.5-4.12.3.noarch", "product_id": "virtualization-host-formula-0.5-4.12.3.noarch" } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "openvpn-formula-0.1.1-4.6.2.ppc64le", "product": { "name": "openvpn-formula-0.1.1-4.6.2.ppc64le", "product_id": "openvpn-formula-0.1.1-4.6.2.ppc64le" } }, { "category": "product_version", "name": "susemanager-4.0.28-3.36.3.ppc64le", "product": { "name": "susemanager-4.0.28-3.36.3.ppc64le", "product_id": "susemanager-4.0.28-3.36.3.ppc64le" } }, { "category": "product_version", "name": "susemanager-tools-4.0.28-3.36.3.ppc64le", "product": { "name": "susemanager-tools-4.0.28-3.36.3.ppc64le", "product_id": "susemanager-tools-4.0.28-3.36.3.ppc64le" } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openvpn-formula-0.1.1-4.6.2.s390x", "product": { "name": "openvpn-formula-0.1.1-4.6.2.s390x", "product_id": "openvpn-formula-0.1.1-4.6.2.s390x" } }, { "category": "product_version", "name": "susemanager-4.0.28-3.36.3.s390x", "product": { "name": "susemanager-4.0.28-3.36.3.s390x", "product_id": "susemanager-4.0.28-3.36.3.s390x" } }, { "category": "product_version", "name": "susemanager-tools-4.0.28-3.36.3.s390x", "product": { "name": "susemanager-tools-4.0.28-3.36.3.s390x", "product_id": "susemanager-tools-4.0.28-3.36.3.s390x" } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "hibernate5-kit-06f89f5f40a0b95b08f814879026e8ce444876e5-3.3.1.x86_64", "product": { "name": "hibernate5-kit-06f89f5f40a0b95b08f814879026e8ce444876e5-3.3.1.x86_64", "product_id": "hibernate5-kit-06f89f5f40a0b95b08f814879026e8ce444876e5-3.3.1.x86_64" } }, { "category": "product_version", "name": "openvpn-formula-0.1.1-4.6.2.x86_64", "product": { "name": "openvpn-formula-0.1.1-4.6.2.x86_64", 
"product_id": "openvpn-formula-0.1.1-4.6.2.x86_64" } }, { "category": "product_version", "name": "susemanager-4.0.28-3.36.3.x86_64", "product": { "name": "susemanager-4.0.28-3.36.3.x86_64", "product_id": "susemanager-4.0.28-3.36.3.x86_64" } }, { "category": "product_version", "name": "susemanager-tools-4.0.28-3.36.3.x86_64", "product": { "name": "susemanager-tools-4.0.28-3.36.3.x86_64", "product_id": "susemanager-tools-4.0.28-3.36.3.x86_64" } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_name", "name": "SUSE Manager Proxy Module 4.0", "product": { "name": "SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-module-suse-manager-proxy:4.0" } } }, { "category": "product_name", "name": "SUSE Manager Server Module 4.0", "product": { "name": "SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0", "product_identification_helper": { "cpe": "cpe:/o:suse:sle-module-suse-manager-server:4.0" } } } ], "category": "product_family", "name": "SUSE Linux Enterprise" } ], "category": "vendor", "name": "SUSE" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch as component of SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch" }, "product_reference": "python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "relates_to_product_reference": "SUSE Manager Proxy Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacecmd-4.0.20-3.19.2.noarch as component of SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0:spacecmd-4.0.20-3.19.2.noarch" }, "product_reference": "spacecmd-4.0.20-3.19.2.noarch", "relates_to_product_reference": "SUSE Manager Proxy Module 4.0" }, { "category": "default_component_of", 
"full_product_name": { "name": "spacewalk-base-minimal-4.0.23-3.30.3.noarch as component of SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch" }, "product_reference": "spacewalk-base-minimal-4.0.23-3.30.3.noarch", "relates_to_product_reference": "SUSE Manager Proxy Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-base-minimal-config-4.0.23-3.30.3.noarch as component of SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch" }, "product_reference": "spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "relates_to_product_reference": "SUSE Manager Proxy Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-certs-tools-4.0.17-3.21.3.noarch as component of SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch" }, "product_reference": "spacewalk-certs-tools-4.0.17-3.21.3.noarch", "relates_to_product_reference": "SUSE Manager Proxy Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-proxy-broker-4.0.14-3.10.3.noarch as component of SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0:spacewalk-proxy-broker-4.0.14-3.10.3.noarch" }, "product_reference": "spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "relates_to_product_reference": "SUSE Manager Proxy Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-proxy-common-4.0.14-3.10.3.noarch as component of SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0:spacewalk-proxy-common-4.0.14-3.10.3.noarch" }, "product_reference": "spacewalk-proxy-common-4.0.14-3.10.3.noarch", "relates_to_product_reference": "SUSE Manager Proxy Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": 
"spacewalk-proxy-management-4.0.14-3.10.3.noarch as component of SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0:spacewalk-proxy-management-4.0.14-3.10.3.noarch" }, "product_reference": "spacewalk-proxy-management-4.0.14-3.10.3.noarch", "relates_to_product_reference": "SUSE Manager Proxy Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch as component of SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0:spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch" }, "product_reference": "spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "relates_to_product_reference": "SUSE Manager Proxy Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-proxy-redirect-4.0.14-3.10.3.noarch as component of SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0:spacewalk-proxy-redirect-4.0.14-3.10.3.noarch" }, "product_reference": "spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "relates_to_product_reference": "SUSE Manager Proxy Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-proxy-salt-4.0.14-3.10.3.noarch as component of SUSE Manager Proxy Module 4.0", "product_id": "SUSE Manager Proxy Module 4.0:spacewalk-proxy-salt-4.0.14-3.10.3.noarch" }, "product_reference": "spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "relates_to_product_reference": "SUSE Manager Proxy Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "hibernate5-5.3.7-4.3.2.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:hibernate5-5.3.7-4.3.2.noarch" }, "product_reference": "hibernate5-5.3.7-4.3.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": 
"image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch" }, "product_reference": "image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "openvpn-formula-0.1.1-4.6.2.ppc64le as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.ppc64le" }, "product_reference": "openvpn-formula-0.1.1-4.6.2.ppc64le", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "openvpn-formula-0.1.1-4.6.2.s390x as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.s390x" }, "product_reference": "openvpn-formula-0.1.1-4.6.2.s390x", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "openvpn-formula-0.1.1-4.6.2.x86_64 as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.x86_64" }, "product_reference": "openvpn-formula-0.1.1-4.6.2.x86_64", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "prometheus-exporters-formula-0.7.1-3.10.2.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.7.1-3.10.2.noarch" }, "product_reference": "prometheus-exporters-formula-0.7.1-3.10.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch as component 
of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch" }, "product_reference": "python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "salt-netapi-client-0.17.0-4.6.3.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.6.3.noarch" }, "product_reference": "salt-netapi-client-0.17.0-4.6.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch" }, "product_reference": "saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacecmd-4.0.20-3.19.2.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacecmd-4.0.20-3.19.2.noarch" }, "product_reference": "spacecmd-4.0.20-3.19.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-admin-4.0.11-3.12.1.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-admin-4.0.11-3.12.1.noarch" }, "product_reference": "spacewalk-admin-4.0.11-3.12.1.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-base-4.0.23-3.30.3.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server 
Module 4.0:spacewalk-base-4.0.23-3.30.3.noarch" }, "product_reference": "spacewalk-base-4.0.23-3.30.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-base-minimal-4.0.23-3.30.3.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch" }, "product_reference": "spacewalk-base-minimal-4.0.23-3.30.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-base-minimal-config-4.0.23-3.30.3.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch" }, "product_reference": "spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-certs-tools-4.0.17-3.21.3.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch" }, "product_reference": "spacewalk-certs-tools-4.0.17-3.21.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-html-4.0.23-3.30.3.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-html-4.0.23-3.30.3.noarch" }, "product_reference": "spacewalk-html-4.0.23-3.30.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-4.0.37-3.39.1.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-java-4.0.37-3.39.1.noarch" }, 
"product_reference": "spacewalk-java-4.0.37-3.39.1.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-config-4.0.37-3.39.1.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.37-3.39.1.noarch" }, "product_reference": "spacewalk-java-config-4.0.37-3.39.1.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-lib-4.0.37-3.39.1.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.37-3.39.1.noarch" }, "product_reference": "spacewalk-java-lib-4.0.37-3.39.1.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-java-postgresql-4.0.37-3.39.1.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.37-3.39.1.noarch" }, "product_reference": "spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-setup-4.0.14-3.14.1.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.14-3.14.1.noarch" }, "product_reference": "spacewalk-setup-4.0.14-3.14.1.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-taskomatic-4.0.37-3.39.1.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.37-3.39.1.noarch" }, "product_reference": "spacewalk-taskomatic-4.0.37-3.39.1.noarch", 
"relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "spacewalk-utils-4.0.18-3.21.3.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.18-3.21.3.noarch" }, "product_reference": "spacewalk-utils-4.0.18-3.21.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "susemanager-4.0.28-3.36.3.ppc64le as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.ppc64le" }, "product_reference": "susemanager-4.0.28-3.36.3.ppc64le", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "susemanager-4.0.28-3.36.3.s390x as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.s390x" }, "product_reference": "susemanager-4.0.28-3.36.3.s390x", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "susemanager-4.0.28-3.36.3.x86_64 as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.x86_64" }, "product_reference": "susemanager-4.0.28-3.36.3.x86_64", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "susemanager-frontend-libs-4.0.2-4.3.2.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:susemanager-frontend-libs-4.0.2-4.3.2.noarch" }, "product_reference": "susemanager-frontend-libs-4.0.2-4.3.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": 
"susemanager-schema-4.0.22-3.29.2.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:susemanager-schema-4.0.22-3.29.2.noarch" }, "product_reference": "susemanager-schema-4.0.22-3.29.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "susemanager-sls-4.0.29-3.31.3.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:susemanager-sls-4.0.29-3.31.3.noarch" }, "product_reference": "susemanager-sls-4.0.29-3.31.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "susemanager-sync-data-4.0.18-3.24.2.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.18-3.24.2.noarch" }, "product_reference": "susemanager-sync-data-4.0.18-3.24.2.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "susemanager-tools-4.0.28-3.36.3.ppc64le as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.ppc64le" }, "product_reference": "susemanager-tools-4.0.28-3.36.3.ppc64le", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "susemanager-tools-4.0.28-3.36.3.s390x as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.s390x" }, "product_reference": "susemanager-tools-4.0.28-3.36.3.s390x", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "susemanager-tools-4.0.28-3.36.3.x86_64 as component of SUSE Manager Server Module 4.0", 
"product_id": "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.x86_64" }, "product_reference": "susemanager-tools-4.0.28-3.36.3.x86_64", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "susemanager-web-libs-4.0.23-3.30.3.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.23-3.30.3.noarch" }, "product_reference": "susemanager-web-libs-4.0.23-3.30.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" }, { "category": "default_component_of", "full_product_name": { "name": "virtualization-host-formula-0.5-4.12.3.noarch as component of SUSE Manager Server Module 4.0", "product_id": "SUSE Manager Server Module 4.0:virtualization-host-formula-0.5-4.12.3.noarch" }, "product_reference": "virtualization-host-formula-0.5-4.12.3.noarch", "relates_to_product_reference": "SUSE Manager Server Module 4.0" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-14900", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2019-14900" } ], "notes": [ { "category": "general", "text": "A flaw was found in Hibernate ORM in versions before 5.3.18, 5.4.18 and 5.5.0.Beta1. A SQL injection in the implementation of the JPA Criteria API can permit unsanitized literals when a literal is used in the SELECT or GROUP BY parts of the query. 
This flaw could allow an attacker to access unauthorized information or possibly conduct further attacks.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-common-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-management-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "SUSE Manager Server Module 4.0:hibernate5-5.3.7-4.3.2.noarch", "SUSE Manager Server Module 4.0:image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.ppc64le", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.s390x", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.x86_64", "SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.7.1-3.10.2.noarch", "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.6.3.noarch", "SUSE Manager Server Module 4.0:saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacewalk-admin-4.0.11-3.12.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 
4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-html-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.14-3.14.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.18-3.21.3.noarch", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-frontend-libs-4.0.2-4.3.2.noarch", "SUSE Manager Server Module 4.0:susemanager-schema-4.0.22-3.29.2.noarch", "SUSE Manager Server Module 4.0:susemanager-sls-4.0.29-3.31.3.noarch", "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.18-3.24.2.noarch", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:virtualization-host-formula-0.5-4.12.3.noarch" ] }, "references": [ { "category": "external", "summary": "CVE-2019-14900", "url": "https://www.suse.com/security/cve/CVE-2019-14900" }, { "category": "external", "summary": "SUSE Bug 1172079 for CVE-2019-14900", "url": "https://bugzilla.suse.com/1172079" } ], "remediations": [ { "category": "vendor_fix", "details": "To 
install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-common-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-management-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "SUSE Manager Server Module 4.0:hibernate5-5.3.7-4.3.2.noarch", "SUSE Manager Server Module 4.0:image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.ppc64le", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.s390x", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.x86_64", "SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.7.1-3.10.2.noarch", "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.6.3.noarch", "SUSE Manager Server Module 4.0:saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacewalk-admin-4.0.11-3.12.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Server 
Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-html-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.14-3.14.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.18-3.21.3.noarch", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-frontend-libs-4.0.2-4.3.2.noarch", "SUSE Manager Server Module 4.0:susemanager-schema-4.0.22-3.29.2.noarch", "SUSE Manager Server Module 4.0:susemanager-sls-4.0.29-3.31.3.noarch", "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.18-3.24.2.noarch", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:virtualization-host-formula-0.5-4.12.3.noarch" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "products": [ "SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Proxy Module 
4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-common-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-management-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "SUSE Manager Server Module 4.0:hibernate5-5.3.7-4.3.2.noarch", "SUSE Manager Server Module 4.0:image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.ppc64le", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.s390x", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.x86_64", "SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.7.1-3.10.2.noarch", "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.6.3.noarch", "SUSE Manager Server Module 4.0:saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacewalk-admin-4.0.11-3.12.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-html-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 
4.0:spacewalk-java-config-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.14-3.14.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.18-3.21.3.noarch", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-frontend-libs-4.0.2-4.3.2.noarch", "SUSE Manager Server Module 4.0:susemanager-schema-4.0.22-3.29.2.noarch", "SUSE Manager Server Module 4.0:susemanager-sls-4.0.29-3.31.3.noarch", "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.18-3.24.2.noarch", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:virtualization-host-formula-0.5-4.12.3.noarch" ] } ], "threats": [ { "category": "impact", "date": "2020-09-16T12:24:27Z", "details": "moderate" } ], "title": "CVE-2019-14900" }, { "cve": "CVE-2020-11022", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2020-11022" } ], "notes": [ { "category": "general", "text": "In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery\u0027s DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. 
This problem is patched in jQuery 3.5.0.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-common-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-management-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "SUSE Manager Server Module 4.0:hibernate5-5.3.7-4.3.2.noarch", "SUSE Manager Server Module 4.0:image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.ppc64le", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.s390x", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.x86_64", "SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.7.1-3.10.2.noarch", "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.6.3.noarch", "SUSE Manager Server Module 4.0:saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacewalk-admin-4.0.11-3.12.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 
4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-html-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.14-3.14.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.18-3.21.3.noarch", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-frontend-libs-4.0.2-4.3.2.noarch", "SUSE Manager Server Module 4.0:susemanager-schema-4.0.22-3.29.2.noarch", "SUSE Manager Server Module 4.0:susemanager-sls-4.0.29-3.31.3.noarch", "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.18-3.24.2.noarch", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:virtualization-host-formula-0.5-4.12.3.noarch" ] }, "references": [ { "category": "external", "summary": "CVE-2020-11022", "url": "https://www.suse.com/security/cve/CVE-2020-11022" }, { "category": "external", "summary": "SUSE Bug 1173090 for CVE-2020-11022", "url": "https://bugzilla.suse.com/1173090" }, { "category": "external", "summary": "SUSE Bug 1178434 for CVE-2020-11022", "url": "https://bugzilla.suse.com/1178434" }, { "category": 
"external", "summary": "SUSE Bug 1190663 for CVE-2020-11022", "url": "https://bugzilla.suse.com/1190663" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-common-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-management-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "SUSE Manager Server Module 4.0:hibernate5-5.3.7-4.3.2.noarch", "SUSE Manager Server Module 4.0:image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.ppc64le", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.s390x", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.x86_64", "SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.7.1-3.10.2.noarch", "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.6.3.noarch", "SUSE Manager Server Module 4.0:saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Server Module 
4.0:spacewalk-admin-4.0.11-3.12.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-html-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.14-3.14.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.18-3.21.3.noarch", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-frontend-libs-4.0.2-4.3.2.noarch", "SUSE Manager Server Module 4.0:susemanager-schema-4.0.22-3.29.2.noarch", "SUSE Manager Server Module 4.0:susemanager-sls-4.0.29-3.31.3.noarch", "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.18-3.24.2.noarch", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:virtualization-host-formula-0.5-4.12.3.noarch" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" }, "products": [ 
"SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-common-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-management-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "SUSE Manager Server Module 4.0:hibernate5-5.3.7-4.3.2.noarch", "SUSE Manager Server Module 4.0:image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.ppc64le", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.s390x", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.x86_64", "SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.7.1-3.10.2.noarch", "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.6.3.noarch", "SUSE Manager Server Module 4.0:saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacewalk-admin-4.0.11-3.12.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE 
Manager Server Module 4.0:spacewalk-html-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.14-3.14.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.18-3.21.3.noarch", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-frontend-libs-4.0.2-4.3.2.noarch", "SUSE Manager Server Module 4.0:susemanager-schema-4.0.22-3.29.2.noarch", "SUSE Manager Server Module 4.0:susemanager-sls-4.0.29-3.31.3.noarch", "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.18-3.24.2.noarch", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:virtualization-host-formula-0.5-4.12.3.noarch" ] } ], "threats": [ { "category": "impact", "date": "2020-09-16T12:24:27Z", "details": "moderate" } ], "title": "CVE-2020-11022" }, { "cve": "CVE-2020-8028", "ids": [ { "system_name": "SUSE CVE Page", "text": "https://www.suse.com/security/cve/CVE-2020-8028" } ], "notes": [ { "category": "general", "text": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager 
Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1.", "title": "CVE description" } ], "product_status": { "recommended": [ "SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-common-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-management-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "SUSE Manager Server Module 4.0:hibernate5-5.3.7-4.3.2.noarch", "SUSE Manager Server Module 4.0:image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.ppc64le", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.s390x", "SUSE Manager Server Module 
4.0:openvpn-formula-0.1.1-4.6.2.x86_64", "SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.7.1-3.10.2.noarch", "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.6.3.noarch", "SUSE Manager Server Module 4.0:saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacewalk-admin-4.0.11-3.12.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-html-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.14-3.14.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.18-3.21.3.noarch", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-frontend-libs-4.0.2-4.3.2.noarch", "SUSE Manager Server Module 4.0:susemanager-schema-4.0.22-3.29.2.noarch", "SUSE Manager Server Module 4.0:susemanager-sls-4.0.29-3.31.3.noarch", "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.18-3.24.2.noarch", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.ppc64le", "SUSE Manager 
Server Module 4.0:susemanager-tools-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:virtualization-host-formula-0.5-4.12.3.noarch" ] }, "references": [ { "category": "external", "summary": "CVE-2020-8028", "url": "https://www.suse.com/security/cve/CVE-2020-8028" }, { "category": "external", "summary": "SUSE Bug 1175884 for CVE-2020-8028", "url": "https://bugzilla.suse.com/1175884" } ], "remediations": [ { "category": "vendor_fix", "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", "product_ids": [ "SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-common-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-management-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "SUSE Manager Server Module 4.0:hibernate5-5.3.7-4.3.2.noarch", "SUSE Manager Server Module 4.0:image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.ppc64le", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.s390x", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.x86_64", "SUSE Manager Server Module 
4.0:prometheus-exporters-formula-0.7.1-3.10.2.noarch", "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.6.3.noarch", "SUSE Manager Server Module 4.0:saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacewalk-admin-4.0.11-3.12.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-html-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.14-3.14.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.18-3.21.3.noarch", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-frontend-libs-4.0.2-4.3.2.noarch", "SUSE Manager Server Module 4.0:susemanager-schema-4.0.22-3.29.2.noarch", "SUSE Manager Server Module 4.0:susemanager-sls-4.0.29-3.31.3.noarch", "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.18-3.24.2.noarch", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.s390x", "SUSE Manager 
Server Module 4.0:susemanager-tools-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:virtualization-host-formula-0.5-4.12.3.noarch" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "SUSE Manager Proxy Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-broker-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-common-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-management-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-package-manager-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-redirect-4.0.14-3.10.3.noarch", "SUSE Manager Proxy Module 4.0:spacewalk-proxy-salt-4.0.14-3.10.3.noarch", "SUSE Manager Server Module 4.0:hibernate5-5.3.7-4.3.2.noarch", "SUSE Manager Server Module 4.0:image-sync-formula-0.1.1595937550.0285244-3.20.2.noarch", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.ppc64le", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.s390x", "SUSE Manager Server Module 4.0:openvpn-formula-0.1.1-4.6.2.x86_64", "SUSE Manager Server Module 4.0:prometheus-exporters-formula-0.7.1-3.10.2.noarch", "SUSE Manager Server Module 4.0:python3-spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:salt-netapi-client-0.17.0-4.6.3.noarch", "SUSE Manager Server Module 4.0:saltboot-formula-0.1.1595937550.0285244-3.19.2.noarch", "SUSE Manager Server Module 
4.0:spacecmd-4.0.20-3.19.2.noarch", "SUSE Manager Server Module 4.0:spacewalk-admin-4.0.11-3.12.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-base-minimal-config-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-certs-tools-4.0.17-3.21.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-html-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-config-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-lib-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-java-postgresql-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-setup-4.0.14-3.14.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-taskomatic-4.0.37-3.39.1.noarch", "SUSE Manager Server Module 4.0:spacewalk-utils-4.0.18-3.21.3.noarch", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-frontend-libs-4.0.2-4.3.2.noarch", "SUSE Manager Server Module 4.0:susemanager-schema-4.0.22-3.29.2.noarch", "SUSE Manager Server Module 4.0:susemanager-sls-4.0.29-3.31.3.noarch", "SUSE Manager Server Module 4.0:susemanager-sync-data-4.0.18-3.24.2.noarch", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.ppc64le", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.s390x", "SUSE Manager Server Module 4.0:susemanager-tools-4.0.28-3.36.3.x86_64", "SUSE Manager Server Module 4.0:susemanager-web-libs-4.0.23-3.30.3.noarch", "SUSE Manager Server Module 4.0:virtualization-host-formula-0.5-4.12.3.noarch" ] } ], "threats": [ { "category": "impact", "date": "2020-09-16T12:24:27Z", "details": "important" } ], "title": 
"CVE-2020-8028" } ] }
fkie_cve-2020-8028
Vulnerability from fkie_nvd
9.3 (Critical) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Source | URL | Tags
---|---|---
meissner@suse.de | https://bugzilla.suse.com/show_bug.cgi?id=1175884 | Exploit, Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.suse.com/show_bug.cgi?id=1175884 | Exploit, Issue Tracking, Vendor Advisory
Vendor | Product | Version
---|---|---
suse | salt-netapi-client | *
suse | manager_server | 4.1
suse | salt-netapi-client | *
suse | manager_server | 3.2
suse | salt-netapi-client | *
suse | manager_server | 4.0
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:suse:salt-netapi-client:*:*:*:*:*:*:*:*", "matchCriteriaId": "D48DA175-6217-4420-9E2D-F67ED6C2AB3E", "versionEndExcluding": "0.17.0-3.3.2", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:suse:manager_server:4.1:*:*:*:*:*:*:*", "matchCriteriaId": "B5810E98-7BF5-42E2-9DE9-661049ABE367", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:suse:salt-netapi-client:*:*:*:*:*:*:*:*", "matchCriteriaId": "56EC014D-79DA-4990-841C-901E4CD2D7D0", "versionEndExcluding": "0.16.0-4.14.1", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:suse:manager_server:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "B1F68F28-E248-4424-9AD8-0D6294B9666F", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:suse:salt-netapi-client:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC5421E8-063D-4467-A680-4A48E1C84AE8", "versionEndExcluding": "0.17.0-4.6.3", "vulnerable": true } ], "negate": false, "operator": "OR" }, { "cpeMatch": [ { "criteria": "cpe:2.3:a:suse:manager_server:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "51136B38-5715-49B3-BD8D-91F90632247D", "vulnerable": false } ], "negate": false, "operator": "OR" } ], "operator": "AND" } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. 
This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1." }, { "lang": "es", "value": "Una vulnerabilidad de control de acceso inapropiado en la configuraci\u00f3n de la sal de SUSE Linux Enterprise Module para SUSE Manager Server versi\u00f3n 4.1, SUSE Manager Proxy versi\u00f3n 4.0, SUSE Manager Retail Branch Server versi\u00f3n 4.0, SUSE Manager Server versi\u00f3n 3.2, SUSE Manager Server versi\u00f3n 4.0 permite a los usuarios locales escalar a root en todos los sistemas gestionados por el administrador de SUSE.\u0026#xa0;En el propio nodo de gesti\u00f3n, el c\u00f3digo se puede ejecutar como la sal de usuario, lo que potencialmente permite una escalada a root ah\u00ed.\u0026#xa0;Este problema afecta a: SUSE Linux Enterprise Module para SUSE Manager Server versiones 4.1 google-gson anteriores a 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-.\u0026#xa0;SUSE Manager Proxy versiones 4.0 release-notes-susemanager-proxy anteriores a 4.0.9-0.16.38.1.\u0026#xa0;SUSE Manager Retail Branch Server versiones 4.0 release-notes-susemanager-proxy anteriores a 4.0.9-0.16.38.1.\u0026#xa0;SUSE Manager Server versiones 3.\u0026#xa0;2 salt-netapi-client anteriores a 0.16.0-4.14.1, spacewalk-.\u0026#xa0;SUSE Manager Server versiones 4.0 release-notes-susemanager anteriores a 4.0.9-3.54.1" } ], "id": "CVE-2020-8028", "lastModified": "2024-11-21T05:38:15.073", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": 
"LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ], "cvssMetricV31": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.5, "impactScore": 6.0, "source": "meissner@suse.de", "type": "Secondary" }, { "cvssData": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "exploitabilityScore": 2.5, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2020-09-17T10:15:15.323", "references": [ { "source": "meissner@suse.de", "tags": [ "Exploit", "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175884" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Issue Tracking", "Vendor Advisory" ], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175884" } ], "sourceIdentifier": "meissner@suse.de", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-284" } ], "source": "meissner@suse.de", "type": "Primary" } ] }
ghsa-pmmp-f225-r347
Vulnerability from github
An Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE Manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1.
{ "affected": [], "aliases": [ "CVE-2020-8028" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2020-09-17T10:15:00Z", "severity": "CRITICAL" }, "details": "A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager. On the managing node itself code can be executed as user salt, potentially allowing for escalation to root there. This issue affects: SUSE Linux Enterprise Module for SUSE Manager Server 4.1 google-gson versions prior to 2.8.5-3.4.3, httpcomponents-client-4.5.6-3.4.2, httpcomponents-. SUSE Manager Proxy 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Retail Branch Server 4.0 release-notes-susemanager-proxy versions prior to 4.0.9-0.16.38.1. SUSE Manager Server 3.2 salt-netapi-client versions prior to 0.16.0-4.14.1, spacewalk-. SUSE Manager Server 4.0 release-notes-susemanager versions prior to 4.0.9-3.54.1.", "id": "GHSA-pmmp-f225-r347", "modified": "2022-05-24T17:29:12Z", "published": "2022-05-24T17:29:12Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8028" }, { "type": "WEB", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1175884" } ], "schema_version": "1.4.0", "severity": [] }
Sightings
Author | Source | Type | Date
---|---|---|---
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.