csaf_suse - suse-ru-2024:4008-1

suse-ru-2024:4008-1

Vulnerability from csaf_suse

Published

2024-11-18 13:20

Modified

2024-11-18 13:20

Summary

Security update for SUSE Manager Server 5.0

Notes

Title of the patch

Security update for SUSE Manager Server 5.0

Description of the patch

This update fixes the following issues: uyuni-storage-setup: - Version 5.0.3-0 * Do not create partition on extra storage disk - Version 5.0.2-0 * Do not build debuginfo package uyuni-tools: - Security issues fixed: * Version 0.1.24-0 + CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) - Bugs fixed: * Version 0.1.26-0 + Ignore all zypper caches during migration (bsc#1232769) * Version 0.1.25-0 + Don't migrate enabled systemd services, recreate them (bsc#1232575) * Version 0.1.24-0 + Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568) * Version 0.1.23-0 + Ensure namespace is defined in all kubernetes commands + Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) + Fix namespace usage on mgrctl cp command * Version 0.1.22-0 + Set projectId also for test packages/images + mgradm migration should not pull Confidential Computing and Hub image is replicas == 0 (bsc#1229432, bsc#1230136) + Do not allow SUSE Manager downgrade + Prevent completion issue when /var/log/uyuni-tools.log is missing + Fix proxy shared volume flag + During migration, exclude mgr-sync configuration file (bsc#1228685) + Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) + During migration, handle empty autoinstallation path (bsc#1230285) + During migration, handle symlinks (bsc#1230288) + During migration, trust the remote sender's file list (bsc#1228424) + Use SCC flags during podman pull + Restore SELinux permission after migration (bsc#1229501) + Share volumes between containers (bsc#1223142) + Save supportconfig in current directory (bsc#1226759) + Fix error code handling on reinstallation (bsc#1230139) + Fix creating first user and organization + Add missing variable quotes for install vars (bsc#1229108) + Add API login and logout calls to allow persistent login How to apply this update: 1. Log in as root user to the SUSE Manager Server. 2. Upgrade mgradm and mgrctl. 3. If you are in a disconnected environment, upgrade the image packages. 4. Reboot the system. 5. Run `mgradm upgrade podman` which will use the default image tags.

Patchnames

SUSE-2024-4008,SUSE-SUSE-Manager-Proxy-5.0-2024-4008,SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2024-4008,SUSE-SUSE-Manager-Server-5.0-2024-4008

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for SUSE Manager Server 5.0",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update fixes the following issues:\n\nuyuni-storage-setup:\n\n- Version 5.0.3-0\n  * Do not create partition on extra storage disk\n- Version 5.0.2-0\n  * Do not build debuginfo package\n\nuyuni-tools:\n\n- Security issues fixed:\n  * Version 0.1.24-0\n    + CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497)\n- Bugs fixed:\n  * Version 0.1.26-0\n    + Ignore all zypper caches during migration (bsc#1232769)\n  * Version 0.1.25-0\n    + Don\u0027t migrate enabled systemd services, recreate them (bsc#1232575)\n  * Version 0.1.24-0\n    + Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568)\n  * Version 0.1.23-0\n    + Ensure namespace is defined in all kubernetes commands\n    + Use SCC credentials to authenticate against registry.suse.com\n      for kubernetes (bsc#1231157)\n    + Fix namespace usage on mgrctl cp command\n  * Version 0.1.22-0\n    + Set projectId also for test packages/images\n    + mgradm migration should not pull Confidential Computing and Hub\n      image is replicas == 0 (bsc#1229432, bsc#1230136)\n    + Do not allow SUSE Manager downgrade\n    + Prevent completion issue when /var/log/uyuni-tools.log is missing\n    + Fix proxy shared volume flag\n    + During migration, exclude mgr-sync configuration file (bsc#1228685)\n    + Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and\n      postgresql.conf files (bsc#1231206)\n    + During migration, handle empty autoinstallation path (bsc#1230285)\n    + During migration, handle symlinks (bsc#1230288)\n    + During migration, trust the remote sender\u0027s file list (bsc#1228424)\n    + Use SCC flags during podman pull\n    + Restore SELinux permission after migration (bsc#1229501)\n    + Share volumes between containers (bsc#1223142)\n    + Save supportconfig in current directory (bsc#1226759)\n    + Fix error code handling on reinstallation (bsc#1230139)\n    + Fix creating first user and organization\n    + Add missing variable quotes for install vars (bsc#1229108)\n    + Add API login and logout calls to allow persistent login\n\nHow to apply this update:\n\n1. Log in as root user to the SUSE Manager Server.\n2. Upgrade mgradm and mgrctl.\n3. If you are in a disconnected environment, upgrade the image packages.\n4. Reboot the system.\n5. Run `mgradm upgrade podman` which will use the default image tags.\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-4008,SUSE-SUSE-Manager-Proxy-5.0-2024-4008,SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2024-4008,SUSE-SUSE-Manager-Server-5.0-2024-4008",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-ru-2024_4008-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-RU-2024:4008-1",
        "url": "https://www.suse.com/support/update/announcement//suse-ru-20244008-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-RU-2024:4008-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2024-November/037586.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1223142",
        "url": "https://bugzilla.suse.com/1223142"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1226759",
        "url": "https://bugzilla.suse.com/1226759"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1228424",
        "url": "https://bugzilla.suse.com/1228424"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1228685",
        "url": "https://bugzilla.suse.com/1228685"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229108",
        "url": "https://bugzilla.suse.com/1229108"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229432",
        "url": "https://bugzilla.suse.com/1229432"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1229501",
        "url": "https://bugzilla.suse.com/1229501"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1230136",
        "url": "https://bugzilla.suse.com/1230136"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1230139",
        "url": "https://bugzilla.suse.com/1230139"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1230285",
        "url": "https://bugzilla.suse.com/1230285"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1230288",
        "url": "https://bugzilla.suse.com/1230288"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1231157",
        "url": "https://bugzilla.suse.com/1231157"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1231206",
        "url": "https://bugzilla.suse.com/1231206"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1231497",
        "url": "https://bugzilla.suse.com/1231497"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1231568",
        "url": "https://bugzilla.suse.com/1231568"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232575",
        "url": "https://bugzilla.suse.com/1232575"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1232769",
        "url": "https://bugzilla.suse.com/1232769"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-22037 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-22037/"
      }
    ],
    "title": "Security update for SUSE Manager Server 5.0",
    "tracking": {
      "current_release_date": "2024-11-18T13:20:34Z",
      "generator": {
        "date": "2024-11-18T13:20:34Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-RU-2024:4008-1",
      "initial_release_date": "2024-11-18T13:20:34Z",
      "revision_history": [
        {
          "date": "2024-11-18T13:20:34Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mgradm-0.1.26-150500.3.12.2.aarch64",
                "product": {
                  "name": "mgradm-0.1.26-150500.3.12.2.aarch64",
                  "product_id": "mgradm-0.1.26-150500.3.12.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "mgrctl-0.1.26-150500.3.12.2.aarch64",
                "product": {
                  "name": "mgrctl-0.1.26-150500.3.12.2.aarch64",
                  "product_id": "mgrctl-0.1.26-150500.3.12.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "mgrpxy-0.1.26-150500.3.12.2.aarch64",
                "product": {
                  "name": "mgrpxy-0.1.26-150500.3.12.2.aarch64",
                  "product_id": "mgrpxy-0.1.26-150500.3.12.2.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64",
                "product": {
                  "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64",
                  "product_id": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.aarch64",
                "product": {
                  "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.aarch64",
                  "product_id": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mgradm-bash-completion-0.1.26-150500.3.12.2.noarch",
                "product": {
                  "name": "mgradm-bash-completion-0.1.26-150500.3.12.2.noarch",
                  "product_id": "mgradm-bash-completion-0.1.26-150500.3.12.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "mgradm-lang-0.1.26-150500.3.12.2.noarch",
                "product": {
                  "name": "mgradm-lang-0.1.26-150500.3.12.2.noarch",
                  "product_id": "mgradm-lang-0.1.26-150500.3.12.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "mgradm-zsh-completion-0.1.26-150500.3.12.2.noarch",
                "product": {
                  "name": "mgradm-zsh-completion-0.1.26-150500.3.12.2.noarch",
                  "product_id": "mgradm-zsh-completion-0.1.26-150500.3.12.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "mgrctl-bash-completion-0.1.26-150500.3.12.2.noarch",
                "product": {
                  "name": "mgrctl-bash-completion-0.1.26-150500.3.12.2.noarch",
                  "product_id": "mgrctl-bash-completion-0.1.26-150500.3.12.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "mgrctl-lang-0.1.26-150500.3.12.2.noarch",
                "product": {
                  "name": "mgrctl-lang-0.1.26-150500.3.12.2.noarch",
                  "product_id": "mgrctl-lang-0.1.26-150500.3.12.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "mgrctl-zsh-completion-0.1.26-150500.3.12.2.noarch",
                "product": {
                  "name": "mgrctl-zsh-completion-0.1.26-150500.3.12.2.noarch",
                  "product_id": "mgrctl-zsh-completion-0.1.26-150500.3.12.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch",
                "product": {
                  "name": "mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch",
                  "product_id": "mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "mgrpxy-lang-0.1.26-150500.3.12.2.noarch",
                "product": {
                  "name": "mgrpxy-lang-0.1.26-150500.3.12.2.noarch",
                  "product_id": "mgrpxy-lang-0.1.26-150500.3.12.2.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch",
                "product": {
                  "name": "mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch",
                  "product_id": "mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mgradm-0.1.26-150500.3.12.2.ppc64le",
                "product": {
                  "name": "mgradm-0.1.26-150500.3.12.2.ppc64le",
                  "product_id": "mgradm-0.1.26-150500.3.12.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "mgrctl-0.1.26-150500.3.12.2.ppc64le",
                "product": {
                  "name": "mgrctl-0.1.26-150500.3.12.2.ppc64le",
                  "product_id": "mgrctl-0.1.26-150500.3.12.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "mgrpxy-0.1.26-150500.3.12.2.ppc64le",
                "product": {
                  "name": "mgrpxy-0.1.26-150500.3.12.2.ppc64le",
                  "product_id": "mgrpxy-0.1.26-150500.3.12.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le",
                "product": {
                  "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le",
                  "product_id": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.ppc64le",
                "product": {
                  "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.ppc64le",
                  "product_id": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mgradm-0.1.26-150500.3.12.2.s390x",
                "product": {
                  "name": "mgradm-0.1.26-150500.3.12.2.s390x",
                  "product_id": "mgradm-0.1.26-150500.3.12.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "mgrctl-0.1.26-150500.3.12.2.s390x",
                "product": {
                  "name": "mgrctl-0.1.26-150500.3.12.2.s390x",
                  "product_id": "mgrctl-0.1.26-150500.3.12.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "mgrpxy-0.1.26-150500.3.12.2.s390x",
                "product": {
                  "name": "mgrpxy-0.1.26-150500.3.12.2.s390x",
                  "product_id": "mgrpxy-0.1.26-150500.3.12.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x",
                "product": {
                  "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x",
                  "product_id": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.s390x",
                "product": {
                  "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.s390x",
                  "product_id": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "mgradm-0.1.26-150500.3.12.2.x86_64",
                "product": {
                  "name": "mgradm-0.1.26-150500.3.12.2.x86_64",
                  "product_id": "mgradm-0.1.26-150500.3.12.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "mgrctl-0.1.26-150500.3.12.2.x86_64",
                "product": {
                  "name": "mgrctl-0.1.26-150500.3.12.2.x86_64",
                  "product_id": "mgrctl-0.1.26-150500.3.12.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "mgrpxy-0.1.26-150500.3.12.2.x86_64",
                "product": {
                  "name": "mgrpxy-0.1.26-150500.3.12.2.x86_64",
                  "product_id": "mgrpxy-0.1.26-150500.3.12.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64",
                "product": {
                  "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64",
                  "product_id": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.x86_64",
                "product": {
                  "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.x86_64",
                  "product_id": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Manager Proxy 5.0",
                "product": {
                  "name": "SUSE Manager Proxy 5.0",
                  "product_id": "SUSE Manager Proxy 5.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-manager-proxy:5.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Manager Retail Branch Server Extension 5.0",
                "product": {
                  "name": "SUSE Manager Retail Branch Server Extension 5.0",
                  "product_id": "SUSE Manager Retail Branch Server Extension 5.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-manager-retail-branch-server:5.0"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Manager Server 5.0",
                "product": {
                  "name": "SUSE Manager Server 5.0",
                  "product_id": "SUSE Manager Server 5.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-manager-server:5.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-0.1.26-150500.3.12.2.aarch64 as component of SUSE Manager Proxy 5.0",
          "product_id": "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.aarch64"
        },
        "product_reference": "mgrpxy-0.1.26-150500.3.12.2.aarch64",
        "relates_to_product_reference": "SUSE Manager Proxy 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-0.1.26-150500.3.12.2.ppc64le as component of SUSE Manager Proxy 5.0",
          "product_id": "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.ppc64le"
        },
        "product_reference": "mgrpxy-0.1.26-150500.3.12.2.ppc64le",
        "relates_to_product_reference": "SUSE Manager Proxy 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-0.1.26-150500.3.12.2.s390x as component of SUSE Manager Proxy 5.0",
          "product_id": "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.s390x"
        },
        "product_reference": "mgrpxy-0.1.26-150500.3.12.2.s390x",
        "relates_to_product_reference": "SUSE Manager Proxy 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-0.1.26-150500.3.12.2.x86_64 as component of SUSE Manager Proxy 5.0",
          "product_id": "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.x86_64"
        },
        "product_reference": "mgrpxy-0.1.26-150500.3.12.2.x86_64",
        "relates_to_product_reference": "SUSE Manager Proxy 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Proxy 5.0",
          "product_id": "SUSE Manager Proxy 5.0:mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Proxy 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-lang-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Proxy 5.0",
          "product_id": "SUSE Manager Proxy 5.0:mgrpxy-lang-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgrpxy-lang-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Proxy 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Proxy 5.0",
          "product_id": "SUSE Manager Proxy 5.0:mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Proxy 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64 as component of SUSE Manager Proxy 5.0",
          "product_id": "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64"
        },
        "product_reference": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64",
        "relates_to_product_reference": "SUSE Manager Proxy 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le as component of SUSE Manager Proxy 5.0",
          "product_id": "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le"
        },
        "product_reference": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le",
        "relates_to_product_reference": "SUSE Manager Proxy 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x as component of SUSE Manager Proxy 5.0",
          "product_id": "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x"
        },
        "product_reference": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x",
        "relates_to_product_reference": "SUSE Manager Proxy 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64 as component of SUSE Manager Proxy 5.0",
          "product_id": "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64"
        },
        "product_reference": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64",
        "relates_to_product_reference": "SUSE Manager Proxy 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-0.1.26-150500.3.12.2.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
          "product_id": "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.aarch64"
        },
        "product_reference": "mgrpxy-0.1.26-150500.3.12.2.aarch64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-0.1.26-150500.3.12.2.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
          "product_id": "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.ppc64le"
        },
        "product_reference": "mgrpxy-0.1.26-150500.3.12.2.ppc64le",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-0.1.26-150500.3.12.2.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
          "product_id": "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.s390x"
        },
        "product_reference": "mgrpxy-0.1.26-150500.3.12.2.s390x",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-0.1.26-150500.3.12.2.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
          "product_id": "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.x86_64"
        },
        "product_reference": "mgrpxy-0.1.26-150500.3.12.2.x86_64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Retail Branch Server Extension 5.0",
          "product_id": "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-lang-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Retail Branch Server Extension 5.0",
          "product_id": "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-lang-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgrpxy-lang-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Retail Branch Server Extension 5.0",
          "product_id": "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64 as component of SUSE Manager Retail Branch Server Extension 5.0",
          "product_id": "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64"
        },
        "product_reference": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le as component of SUSE Manager Retail Branch Server Extension 5.0",
          "product_id": "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le"
        },
        "product_reference": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x as component of SUSE Manager Retail Branch Server Extension 5.0",
          "product_id": "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x"
        },
        "product_reference": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64 as component of SUSE Manager Retail Branch Server Extension 5.0",
          "product_id": "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64"
        },
        "product_reference": "uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64",
        "relates_to_product_reference": "SUSE Manager Retail Branch Server Extension 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgradm-0.1.26-150500.3.12.2.aarch64 as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.aarch64"
        },
        "product_reference": "mgradm-0.1.26-150500.3.12.2.aarch64",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgradm-0.1.26-150500.3.12.2.ppc64le as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.ppc64le"
        },
        "product_reference": "mgradm-0.1.26-150500.3.12.2.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgradm-0.1.26-150500.3.12.2.s390x as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.s390x"
        },
        "product_reference": "mgradm-0.1.26-150500.3.12.2.s390x",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgradm-0.1.26-150500.3.12.2.x86_64 as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.x86_64"
        },
        "product_reference": "mgradm-0.1.26-150500.3.12.2.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgradm-bash-completion-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgradm-bash-completion-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgradm-bash-completion-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgradm-lang-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgradm-lang-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgradm-lang-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgradm-zsh-completion-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgradm-zsh-completion-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgradm-zsh-completion-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrctl-0.1.26-150500.3.12.2.aarch64 as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.aarch64"
        },
        "product_reference": "mgrctl-0.1.26-150500.3.12.2.aarch64",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrctl-0.1.26-150500.3.12.2.ppc64le as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.ppc64le"
        },
        "product_reference": "mgrctl-0.1.26-150500.3.12.2.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrctl-0.1.26-150500.3.12.2.s390x as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.s390x"
        },
        "product_reference": "mgrctl-0.1.26-150500.3.12.2.s390x",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrctl-0.1.26-150500.3.12.2.x86_64 as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.x86_64"
        },
        "product_reference": "mgrctl-0.1.26-150500.3.12.2.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrctl-bash-completion-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgrctl-bash-completion-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgrctl-bash-completion-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrctl-lang-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgrctl-lang-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgrctl-lang-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "mgrctl-zsh-completion-0.1.26-150500.3.12.2.noarch as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:mgrctl-zsh-completion-0.1.26-150500.3.12.2.noarch"
        },
        "product_reference": "mgrctl-zsh-completion-0.1.26-150500.3.12.2.noarch",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.aarch64 as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.aarch64"
        },
        "product_reference": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.aarch64",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.ppc64le as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.ppc64le"
        },
        "product_reference": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.ppc64le",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.s390x as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.s390x"
        },
        "product_reference": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.s390x",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.x86_64 as component of SUSE Manager Server 5.0",
          "product_id": "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.x86_64"
        },
        "product_reference": "uyuni-storage-setup-server-5.0.3-150500.12.6.4.x86_64",
        "relates_to_product_reference": "SUSE Manager Server 5.0"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-22037",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-22037"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.aarch64",
          "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.ppc64le",
          "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.s390x",
          "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.x86_64",
          "SUSE Manager Proxy 5.0:mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Proxy 5.0:mgrpxy-lang-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Proxy 5.0:mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64",
          "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le",
          "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x",
          "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64",
          "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.aarch64",
          "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.ppc64le",
          "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.s390x",
          "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.x86_64",
          "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-lang-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64",
          "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le",
          "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x",
          "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64",
          "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.aarch64",
          "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.ppc64le",
          "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.s390x",
          "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.x86_64",
          "SUSE Manager Server 5.0:mgradm-bash-completion-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Server 5.0:mgradm-lang-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Server 5.0:mgradm-zsh-completion-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.aarch64",
          "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.ppc64le",
          "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.s390x",
          "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.x86_64",
          "SUSE Manager Server 5.0:mgrctl-bash-completion-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Server 5.0:mgrctl-lang-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Server 5.0:mgrctl-zsh-completion-0.1.26-150500.3.12.2.noarch",
          "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.aarch64",
          "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.ppc64le",
          "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.s390x",
          "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-22037",
          "url": "https://www.suse.com/security/cve/CVE-2024-22037"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1231497 for CVE-2024-22037",
          "url": "https://bugzilla.suse.com/1231497"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.aarch64",
            "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.ppc64le",
            "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.s390x",
            "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.x86_64",
            "SUSE Manager Proxy 5.0:mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Proxy 5.0:mgrpxy-lang-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Proxy 5.0:mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64",
            "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le",
            "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x",
            "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.aarch64",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.ppc64le",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.s390x",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.x86_64",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-lang-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64",
            "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le",
            "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x",
            "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64",
            "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.aarch64",
            "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.ppc64le",
            "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.s390x",
            "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.x86_64",
            "SUSE Manager Server 5.0:mgradm-bash-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:mgradm-lang-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:mgradm-zsh-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.aarch64",
            "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.ppc64le",
            "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.s390x",
            "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.x86_64",
            "SUSE Manager Server 5.0:mgrctl-bash-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:mgrctl-lang-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:mgrctl-zsh-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.aarch64",
            "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.ppc64le",
            "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.s390x",
            "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.aarch64",
            "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.ppc64le",
            "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.s390x",
            "SUSE Manager Proxy 5.0:mgrpxy-0.1.26-150500.3.12.2.x86_64",
            "SUSE Manager Proxy 5.0:mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Proxy 5.0:mgrpxy-lang-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Proxy 5.0:mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64",
            "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le",
            "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x",
            "SUSE Manager Proxy 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.aarch64",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.ppc64le",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.s390x",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-0.1.26-150500.3.12.2.x86_64",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-bash-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-lang-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Retail Branch Server Extension 5.0:mgrpxy-zsh-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.aarch64",
            "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.ppc64le",
            "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.s390x",
            "SUSE Manager Retail Branch Server Extension 5.0:uyuni-storage-setup-proxy-5.0.3-150500.12.6.4.x86_64",
            "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.aarch64",
            "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.ppc64le",
            "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.s390x",
            "SUSE Manager Server 5.0:mgradm-0.1.26-150500.3.12.2.x86_64",
            "SUSE Manager Server 5.0:mgradm-bash-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:mgradm-lang-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:mgradm-zsh-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.aarch64",
            "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.ppc64le",
            "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.s390x",
            "SUSE Manager Server 5.0:mgrctl-0.1.26-150500.3.12.2.x86_64",
            "SUSE Manager Server 5.0:mgrctl-bash-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:mgrctl-lang-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:mgrctl-zsh-completion-0.1.26-150500.3.12.2.noarch",
            "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.aarch64",
            "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.ppc64le",
            "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.s390x",
            "SUSE Manager Server 5.0:uyuni-storage-setup-server-5.0.3-150500.12.6.4.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-11-18T13:20:34Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-22037"
    }
  ]
}

CVE-2024-22037 (GCVE-0-2024-22037)

Vulnerability from cvelistv5

Published

2024-11-28 09:46

Modified

2024-11-28 12:15

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
5.7 (Medium) - CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L

CWE

CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere

Summary

The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users.

References

▼	URL	Tags
	https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22037

Impacted products

Vendor

Product

Version

▼

SUSE

SUSE Manager Server 5.0

Version: ? < 0.1.26-150500.3.12.2

SUSE	SUSE Manager Server 5.0	Version: ? < 0.1.26-150500.3.12.2
SUSE	SUSE Manager Server 5.0	Version: ? < 0.1.26-150500.3.12.2
SUSE	SUSE Manager Server 5.0	Version: ? < 0.1.26-150500.3.12.2

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22037",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-28T12:09:25.201908Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-28T12:15:16.583Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "mgradm",
          "product": "SUSE Manager Server 5.0",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.1.26-150500.3.12.2",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "mgradm-bash-completion",
          "product": "SUSE Manager Server 5.0",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.1.26-150500.3.12.2",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "mgradm-lang",
          "product": "SUSE Manager Server 5.0",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.1.26-150500.3.12.2",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "mgradm-zsh-completion",
          "product": "SUSE Manager Server 5.0",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.1.26-150500.3.12.2",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "C\u00e9dric Bosdonnat of SUSE"
        }
      ],
      "datePublic": "2024-11-18T13:13:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "The uyuni-server-attestation systemd service needs a database_password environment variable. This file has 640 permission, and cannot be shown users, but the environment is still exposed by systemd to non-privileged users."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "LOCAL",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "LOW",
            "subConfidentialityImpact": "LOW",
            "subIntegrityImpact": "LOW",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "NONE",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-28T09:46:07.525Z",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22037"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Database password leaked by systemd uyuni-server-attestation service",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2024-22037",
    "datePublished": "2024-11-28T09:46:07.525Z",
    "dateReserved": "2024-01-04T12:38:34.025Z",
    "dateUpdated": "2024-11-28T12:15:16.583Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted