Description
A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE Linux Enterprise: versions prior to 12.
References (2)
Core 2
Core References
Various Sources x_refsource_confirm
https://build.opensuse.org/request/show/80346
Issue Tracking x_refsource_confirm
https://bugzilla.suse.com/show_bug.cgi?id=707645
Scores
CVSS v3
5.4
EPSS
0.0022
EPSS Percentile
44.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Details
CWE
CWE-304
CWE-264
Status
published
Products (1)
suse/suse_linux_enterprise_server
< 12.0
Published
Jun 08, 2018
Tracked Since
Feb 18, 2026