Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU69263
Risk: Medium
CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-31008
CWE-ID:
CWE-330 - Use of Insufficiently Random Values
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exist due to insufficient randomization in Shovel and Federation plugins when obfuscating URI. The encryption key used to encrypt the URI was seeded with a predictable secret. A remote attacker can gain access to sensitive information.
Update the affected package rabbitmq-server to the latest version.
Vulnerable software versionsSUSE Enterprise Storage: 7.1
SUSE Manager Retail Branch Server: 4.2 - 4.3
SUSE Manager Server: 4.2 - 4.3
SUSE Manager Proxy: 4.2 - 4.3
openSUSE Leap: 15.3 - 15.4
SUSE Linux Enterprise Server for SAP Applications: 15-SP3 - 15-SP4
SUSE Linux Enterprise Server: 15-SP3 - 15-SP4
SUSE Linux Enterprise High Performance Computing: 15-SP3 - 15-SP4
SUSE Linux Enterprise Module for Server Applications: 15-SP3 - 15-SP4
rabbitmq-server-plugins: before 3.8.11-150300.3.11.1
rabbitmq-server: before 3.8.11-150300.3.11.1
erlang-rabbitmq-client: before 3.8.11-150300.3.11.1
External linkshttp://www.suse.com/support/update/announcement/2022/suse-su-20224378-1/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.