CVE-2018-12471
Description
A External Entity Reference (XXE) vulnerability in SUSE Linux SMT allows remote attackers to read data from the server or cause DoS by referencing blocking elements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.
Risk Information
Base Score
8.1
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
EPSS Score
Exploitation Probability
0.538
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2018:2898-1(SUSE Linux Enterprise Server 12-SP3 ) res-signingkeys-3.0.37-52.23.6.x86_64.rpm | Linux |
| SUSE-SU-2018:2898-1(SUSE Linux Enterprise Server 12-SP3 ) smt-3.0.37-52.23.6.x86_64.rpm | Linux |
| SUSE-SU-2018:2898-1(SUSE Linux Enterprise Server 12-SP3 ) smt-debuginfo-3.0.37-52.23.6.x86_64.rpm | Linux |
| SUSE-SU-2018:2898-1(SUSE Linux Enterprise Server 12-SP3 ) smt-debugsource-3.0.37-52.23.6.x86_64.rpm | Linux |
| SUSE-SU-2018:2898-1(SUSE Linux Enterprise Server 12-SP3 ) smt-support-3.0.37-52.23.6.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234