SB2025021742 - SUSE update for SUSE Manager Client Tools 

Published: February 17, 2025

Security Bulletin ID: SB2025021742
Severity: High
Patch available: YES
Number of vulnerabilities: 7
Exploitation vector: Remote access
Highest impact: Data manipulation

Breakdown by Severity

High: 14%
Medium: 29%
Low: 57%

Description

This security bulletin contains information about 7 security vulnerabilities.


1) Improper Authentication (CVE-ID: CVE-2023-3128)

The vulnerability allows a remote attacker to bypass the authentication process.

The vulnerability exists due to an error in the Azure AD OAuth implementation. Grafana validates Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. A remote attacker can modify their profile to provide the email address of an existing Grafana user, bypass the authentication process and gain unauthorized access to the application.

The vulnerability affects Grafana installations with Azure AD OAuth configured for a multi-tenant app.
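As an added illustration (not code from the bulletin, SUSE or Grafana), the defensive counterpart to this issue: bind an OAuth login to the token's immutable subject claims rather than the mutable email claim, and on a multi-tenant app accept only allow-listed tenants. The claim names `tid`, `oid` and `email` are Azure AD's; the user store, tenant allow-list and function names are constructed for the example.

```python
# Added example (not from the bulletin or Grafana): map an Azure AD OAuth
# login to a local account. Assumes the ID token signature and issuer were
# already verified and `claims` is the decoded payload.

# Constructed allow-list of tenant IDs for a multi-tenant app registration.
ALLOWED_TENANTS = {"11111111-1111-1111-1111-111111111111"}

# Constructed local user store. Accounts are linked by the immutable
# (tid, oid) pair; the email is display data only.
USERS = {
    "alice": {
        "email": "alice@example.com",
        "tid": "11111111-1111-1111-1111-111111111111",
        "oid": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa",
    },
}


class AuthError(Exception):
    """Raised when a token must not be mapped to any account."""


def resolve_user_by_email(claims, users=USERS):
    """Weak pattern described in the bulletin: match on the mutable email claim."""
    email = claims.get("email")
    for name, rec in users.items():
        if email and rec["email"].lower() == email.lower():
            return name
    return None


def resolve_user(claims, users=USERS, allowed_tenants=ALLOWED_TENANTS):
    """Hardened pattern: bind on tenant + object ID, reject unknown tenants."""
    tid, oid = claims.get("tid"), claims.get("oid")
    if not tid or not oid:
        raise AuthError("token lacks tid/oid claims")
    if tid not in allowed_tenants:
        raise AuthError(f"tenant {tid} is not allowed")
    for name, rec in users.items():
        if rec["tid"] == tid and rec["oid"] == oid:
            return name
    # Unknown but allowed identity: the caller may provision a fresh account.
    # Never fall back to an email match here.
    return None
```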



2) Incorrect authorization (CVE-ID: CVE-2023-6152)

The vulnerability allows a remote attacker to bypass email verification.

The vulnerability exists because email addresses are verified only during sign-up, when the "verify_email_enabled" option is set. A remote attacker can register an account and then set an arbitrary email address without verification.


3) Information disclosure (CVE-ID: CVE-2024-22037)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists because the uyuni-server-attestation systemd service uses the database_password environment variable to store the database password. A local user can obtain the password via systemd.


4) Improper authorization (CVE-ID: CVE-2024-45337)

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to improper usage of the ServerConfig.PublicKeyCallback callback. A remote attacker can bypass authorization in certain cases and gain access to the application.


5) Insufficient technical documentation (CVE-ID: CVE-2024-51744)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to unclear documentation of the error behavior in "ParseWithClaims". A remote attacker can trick the victim into accepting invalid tokens, which can lead to information disclosure.


6) Cross-site scripting (CVE-ID: CVE-2024-6837)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "/swagger" endpoint. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.


7) Improper access control (CVE-ID: CVE-2024-8118)

The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists because the wrong permission is applied to the alert rule write API endpoint. A remote user with permission to write external alert instances can also write alert rules.


Remediation

Install the update from the vendor's website.