SUSE SLES12 Security Update : php74 (SUSE-SU-2023:2848-1)
Discription
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2848-1 advisory.
– The vulnerability exists due to a missing error check and insufficient random bytes in HTTP Digest authentication for SOAP. A remote attacker can perform a brute-force attack and bypass authentication process. (CVE-2023-3247)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More
References
Back to Main