SUSE SLED15 / SLES15 / openSUSE 15 Security Update : php7 (SUSE-SU-2023:2828-1)
Discription

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2828-1 advisory.

– The vulnerability exists due to a missing error check and insufficient random bytes in HTTP Digest authentication for SOAP. A remote attacker can perform a brute-force attack and bypass authentication process. (CVE-2023-3247)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More

Back to Main

Subscribe for the latest news: