SUSE Lifecycle Management Server (SLMS) prior to 1.3.7 does not generate a new secret key when the service starts, which allows remote malicious users to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
novell suse lifecycle management server |
||
novell suse lifecycle management server 1.2 |
||
novell suse lifecycle management server 1.1 |
||
novell suse lifecycle management server 1.0 |