The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2828-1 advisory.
– The vulnerability exists due to a missing error check and insufficient random bytes in HTTP Digest authentication for SOAP. A remote attacker can perform a brute-force attack and bypass authentication process. (CVE-2023-3247)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More