OpenSUSE cryptctl 2.0

CPE Details

OpenSUSE cryptctl 2.0
opensuse
cryptctl
2.0
2020-01-29
16h33 +00:00
2020-01-29
16h33 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:opensuse:cryptctl:2.0:*:*:*:*:*:*:*

Informations

Vendor

opensuse

Product

cryptctl

Version

2.0

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2019-18906 2021-06-30 08h35 +00:00 A Improper Authentication vulnerability in cryptctl of SUSE Linux Enterprise Server for SAP 12-SP5, SUSE Manager Server 4.0 allows attackers with access to the hashed password to use it without having to crack it. This issue affects: SUSE Linux Enterprise Server for SAP 12-SP5 cryptctl versions prior to 2.4. SUSE Manager Server 4.0 cryptctl versions prior to 2.4.
9.8
Critical
CVE-2017-9270 2018-03-01 19h00 +00:00 In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database.
9.1
Critical
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.