CVE-2022-45154
MEDIUMsupportutils < 3.0.10-95.51.1 - Cleartext Storage of Sensitive Information in Support Logs
Title source: llmDescription
A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects: SUSE Linux Enterprise Server 12 supportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions. SUSE Linux Enterprise Server 15 supportutils version 3.1.21-150000.5.44.1 and prior versions. SUSE Linux Enterprise Server 15 SP3 supportutils version 3.1.21-150300.7.35.15.1 and prior versions.
References (1)
Core 1
Core References
Exploit, Issue Tracking
https://bugzilla.suse.com/show_bug.cgi?id=1207598
Scores
CVSS v3
4.4
EPSS
0.0001
EPSS Percentile
3.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-312
Status
published
Products (1)
opensuse/supportutils
< 3.0.10-95.51.1
Published
Feb 15, 2023
Tracked Since
Feb 18, 2026