SUSE SLED15 / SLES15 / openSUSE 15 Security Update : maven and recommended update for antlr3, minlog, sbt, xmvn (SUSE-SU-2023:2097-1)
Discription
The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2097-1 advisory.
– In logback version 1.2.7 and prior versions, an attacker with the required privileges to edit configurations files could craft a malicious configuration allowing to execute arbitrary code loaded from LDAP servers. (CVE-2021-42550)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More
References
Back to Main