SUSE update for SUSE Manager Client Tools



Risk: High
Patch available: Yes
Number of vulnerabilities: 7
CVE-ID: CVE-2023-3128, CVE-2023-6152, CVE-2024-22037, CVE-2024-45337, CVE-2024-51744, CVE-2024-6837, CVE-2024-8118
CWE-ID: CWE-287, CWE-863, CWE-200, CWE-285, CWE-1059, CWE-79, CWE-284
Exploitation vector: Network
Public exploit: Public exploit code for vulnerability #4 is available.
Vulnerable software

Operating systems:
SUSE Manager Client Tools for SLE
SUSE Linux Enterprise Server for the Raspberry Pi
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise Server for SAP Applications
SUSE Linux Enterprise Server
SUSE Linux Enterprise Desktop

Operating system packages or components:
spacecmd
supportutils-plugin-salt
mgrctl-bash-completion
mgrctl-zsh-completion
supportutils-plugin-susemanager-client
grafana
golang-github-prometheus-promu
golang-github-prometheus-prometheus
mgrctl-debuginfo
mgrctl

Vendor: SUSE

Security Bulletin

This security bulletin contains information about 7 vulnerabilities.

1) Improper Authentication

EUVDB-ID: #VU77652

Risk: High

CVSSv4.0: 8 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-3128

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass the authentication process.

The vulnerability exists due to an error in the Azure AD OAuth implementation. Grafana validates Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. A remote attacker can modify their profile to carry the email address of an existing Grafana user, bypass the authentication process and gain unauthorized access to the application.

The vulnerability affects Grafana installations with Azure AD OAuth configured for a multi-tenant app.


Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Client Tools for SLE: 12

SUSE Linux Enterprise Server for the Raspberry Pi: 12-SP2

SUSE Linux Enterprise Desktop 12: SP1 - SP4

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

SUSE Linux Enterprise Desktop: 12-SP5

spacecmd: before 5.0.11-38.153.1

supportutils-plugin-salt: before 1.2.3-6.25.1

mgrctl-bash-completion: before 0.1.28-1.16.1

mgrctl-zsh-completion: before 0.1.28-1.16.1

supportutils-plugin-susemanager-client: before 5.0.4-6.33.1

grafana: before 10.4.13-1.66.2

golang-github-prometheus-promu: before 0.17.0-1.24.1

golang-github-prometheus-prometheus: before 2.53.3-1.56.1

mgrctl-debuginfo: before 0.1.28-1.16.1

mgrctl: before 0.1.28-1.16.1
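A check that the packages listed above have actually reached their fixed builds, as an added example that is not SUSE's or the advisory's own tooling: it compares installed VERSION-RELEASE strings against the fixed versions given in this advisory. It assumes GNU sort -V and rpm on the host; the inventory returned by demo_lookup is constructed for the illustration.

```shell
# Added example, not SUSE's or the advisory's tooling. "before X" above means
# X is the first fixed build, so a host is patched once every installed
# package listed here is at or past X.
FIXED='spacecmd 5.0.11-38.153.1
supportutils-plugin-salt 1.2.3-6.25.1
mgrctl 0.1.28-1.16.1
mgrctl-bash-completion 0.1.28-1.16.1
mgrctl-zsh-completion 0.1.28-1.16.1
mgrctl-debuginfo 0.1.28-1.16.1
supportutils-plugin-susemanager-client 5.0.4-6.33.1
grafana 10.4.13-1.66.2
golang-github-prometheus-promu 0.17.0-1.24.1
golang-github-prometheus-prometheus 2.53.3-1.56.1'

# 0 when installed ($1) is at or past fixed ($2) under GNU sort -V. This
# approximates rpm ordering (no epochs, no "~" markers); check odd cases
# with "zypper versioncmp".
version_at_least() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# Installed VERSION-RELEASE via rpm; fails if not installed (then unaffected).
installed_version() {
    rpm -q --qf '%{VERSION}-%{RELEASE}\n' "$1" 2>/dev/null
}

# Print "pkg installed fixed STATUS" per advisory package present. $1 may
# name another lookup function (default: rpm) so demo_lookup can run without rpm.
check_packages() {
    lookup=${1:-installed_version}
    printf '%s\n' "$FIXED" | while read -r pkg fixed; do
        inst=$("$lookup" "$pkg") || continue
        if version_at_least "$inst" "$fixed"; then
            printf '%s %s %s fixed\n' "$pkg" "$inst" "$fixed"
        else
            printf '%s %s %s VULNERABLE\n' "$pkg" "$inst" "$fixed"
        fi
    done
}

# Constructed inventory (hypothetical) standing in for rpm on a partly patched host.
demo_lookup() {
    case $1 in
        spacecmd) echo 5.0.11-38.152.1 ;;  # one release behind: vulnerable
        grafana)  echo 10.4.13-1.66.2 ;;   # exactly the fixed build
        mgrctl)   echo 0.1.28-1.17.1 ;;    # newer than the fixed build
        *) return 1 ;;                     # not installed
    esac
}
```

On a real SLE 12 client run `check_packages` with no argument so it queries rpm; any line ending in VULNERABLE means the update has not been applied to that package.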

External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250524-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Incorrect authorization

EUVDB-ID: #VU89210

Risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-6152

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass email verification.

The vulnerability exists because email addresses are verified only during sign-up, and only if the "verify_email_enabled" option is set. A remote attacker can register an account and then set an arbitrary email address without verification.

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Client Tools for SLE: 12

SUSE Linux Enterprise Server for the Raspberry Pi: 12-SP2

SUSE Linux Enterprise Desktop 12: SP1 - SP4

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

SUSE Linux Enterprise Desktop: 12-SP5

spacecmd: before 5.0.11-38.153.1

supportutils-plugin-salt: before 1.2.3-6.25.1

mgrctl-bash-completion: before 0.1.28-1.16.1

mgrctl-zsh-completion: before 0.1.28-1.16.1

supportutils-plugin-susemanager-client: before 5.0.4-6.33.1

grafana: before 10.4.13-1.66.2

golang-github-prometheus-promu: before 0.17.0-1.24.1

golang-github-prometheus-prometheus: before 2.53.3-1.56.1

mgrctl-debuginfo: before 0.1.28-1.16.1

mgrctl: before 0.1.28-1.16.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250524-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU104016

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-22037

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists because the uyuni-server-attestation systemd service stores the database password in the database_password environment variable. A local user can obtain the password via systemd.
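A defensive audit for the pattern just described, as an added example that is not Uyuni's or SUSE's code: it flags unit files that pass secret-looking keys on Environment= lines, the channel through which systemd exposes the value to local users. The unit files written by demo() are constructed, and the key-name regex is an assumption to adapt to local naming conventions.

```shell
# Added example, not Uyuni's or SUSE's code: find unit files that hand a
# secret to a service on an Environment= line. Such values are visible to
# local users through "systemctl show -p Environment <unit>", which is the
# exposure behind the database_password finding above. EnvironmentFile= and
# LoadCredential= lines are ignored on purpose: their contents stay in files
# whose permissions you control. The key-name pattern is a heuristic.
SECRET_KEY_RE='pass|secret|token|key'

# Print "unit:KEY" for every Environment= key in the given unit files whose
# name matches SECRET_KEY_RE. Keys are the words directly followed by "=",
# so a value that merely contains the word "password" is not a hit.
unit_env_secrets() {
    for unit in "$@"; do
        grep -h '^[[:space:]]*Environment=' "$unit" 2>/dev/null |
            sed 's/^[[:space:]]*Environment=//' |
            grep -oE '(^|[^A-Za-z0-9_])[A-Za-z_][A-Za-z0-9_]*=' |
            sed -e 's/^[^A-Za-z_]//' -e 's/=$//' |
            grep -iE "$SECRET_KEY_RE" |
            sed "s|^|$unit:|"
    done
}

# Return 0 when none of the given unit files exposes a secret-looking key.
units_are_clean() { [ -z "$(unit_env_secrets "$@")" ]; }

# Constructed sample units (not the real uyuni-server-attestation unit):
# one with the weak pattern, one using the safer alternatives.
demo() {
    dir=$(mktemp -d)
    cat > "$dir/weak.service" <<'EOF'
[Service]
Environment="DATABASE_PASSWORD=s3cret" DATABASE_USER=uyuni
ExecStart=/usr/bin/attestation-server
EOF
    cat > "$dir/fixed.service" <<'EOF'
[Service]
EnvironmentFile=/etc/attestation/env
LoadCredential=database_password:/etc/attestation/db-password
ExecStart=/usr/bin/attestation-server
EOF
    unit_env_secrets "$dir/weak.service" "$dir/fixed.service"
    rm -rf "$dir"
}
```

Running unit_env_secrets over /etc/systemd/system/*.service and /usr/lib/systemd/system/*.service catches the pattern before a service is started; the demo prints only the weak unit's DATABASE_PASSWORD key.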

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Client Tools for SLE: 12

SUSE Linux Enterprise Server for the Raspberry Pi: 12-SP2

SUSE Linux Enterprise Desktop 12: SP1 - SP4

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

SUSE Linux Enterprise Desktop: 12-SP5

spacecmd: before 5.0.11-38.153.1

supportutils-plugin-salt: before 1.2.3-6.25.1

mgrctl-bash-completion: before 0.1.28-1.16.1

mgrctl-zsh-completion: before 0.1.28-1.16.1

supportutils-plugin-susemanager-client: before 5.0.4-6.33.1

grafana: before 10.4.13-1.66.2

golang-github-prometheus-promu: before 0.17.0-1.24.1

golang-github-prometheus-prometheus: before 2.53.3-1.56.1

mgrctl-debuginfo: before 0.1.28-1.16.1

mgrctl: before 0.1.28-1.16.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250524-1/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper authorization

EUVDB-ID: #VU101777

Risk: Medium

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2024-45337

CWE-ID: CWE-285 - Improper Authorization

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to improper authorization caused by improper usage of the ServerConfig.PublicKeyCallback callback. A remote attacker can bypass authorization in certain cases and gain access to the application.

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Client Tools for SLE: 12

SUSE Linux Enterprise Server for the Raspberry Pi: 12-SP2

SUSE Linux Enterprise Desktop 12: SP1 - SP4

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

SUSE Linux Enterprise Desktop: 12-SP5

spacecmd: before 5.0.11-38.153.1

supportutils-plugin-salt: before 1.2.3-6.25.1

mgrctl-bash-completion: before 0.1.28-1.16.1

mgrctl-zsh-completion: before 0.1.28-1.16.1

supportutils-plugin-susemanager-client: before 5.0.4-6.33.1

grafana: before 10.4.13-1.66.2

golang-github-prometheus-promu: before 0.17.0-1.24.1

golang-github-prometheus-prometheus: before 2.53.3-1.56.1

mgrctl-debuginfo: before 0.1.28-1.16.1

mgrctl: before 0.1.28-1.16.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250524-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

5) Insufficient technical documentation

EUVDB-ID: #VU101894

Risk: Low

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-51744

CWE-ID: CWE-1059 - Insufficient Technical Documentation

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to unclear documentation of the error behavior of "ParseWithClaims". A remote attacker can trick the victim into accepting invalid tokens, which can lead to information disclosure.

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Client Tools for SLE: 12

SUSE Linux Enterprise Server for the Raspberry Pi: 12-SP2

SUSE Linux Enterprise Desktop 12: SP1 - SP4

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

SUSE Linux Enterprise Desktop: 12-SP5

spacecmd: before 5.0.11-38.153.1

supportutils-plugin-salt: before 1.2.3-6.25.1

mgrctl-bash-completion: before 0.1.28-1.16.1

mgrctl-zsh-completion: before 0.1.28-1.16.1

supportutils-plugin-susemanager-client: before 5.0.4-6.33.1

grafana: before 10.4.13-1.66.2

golang-github-prometheus-promu: before 0.17.0-1.24.1

golang-github-prometheus-prometheus: before 2.53.3-1.56.1

mgrctl-debuginfo: before 0.1.28-1.16.1

mgrctl: before 0.1.28-1.16.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250524-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Cross-site scripting

EUVDB-ID: #VU96048

Risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-6837

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

Description

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data in the "/swagger" endpoint. A remote attacker can trick the victim into following a specially crafted link and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Client Tools for SLE: 12

SUSE Linux Enterprise Server for the Raspberry Pi: 12-SP2

SUSE Linux Enterprise Desktop 12: SP1 - SP4

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

SUSE Linux Enterprise Desktop: 12-SP5

spacecmd: before 5.0.11-38.153.1

supportutils-plugin-salt: before 1.2.3-6.25.1

mgrctl-bash-completion: before 0.1.28-1.16.1

mgrctl-zsh-completion: before 0.1.28-1.16.1

supportutils-plugin-susemanager-client: before 5.0.4-6.33.1

grafana: before 10.4.13-1.66.2

golang-github-prometheus-promu: before 0.17.0-1.24.1

golang-github-prometheus-prometheus: before 2.53.3-1.56.1

mgrctl-debuginfo: before 0.1.28-1.16.1

mgrctl: before 0.1.28-1.16.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250524-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Improper access control

EUVDB-ID: #VU99259

Risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-8118

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists because the wrong permission is applied to the alert rule write API endpoint. A remote user with permission to write external alert instances can also write alert rules.

Mitigation

Update the affected package SUSE Manager Client Tools to the latest version.

Vulnerable software versions

SUSE Manager Client Tools for SLE: 12

SUSE Linux Enterprise Server for the Raspberry Pi: 12-SP2

SUSE Linux Enterprise Desktop 12: SP1 - SP4

SUSE Linux Enterprise Server for SAP Applications 12: SP1 - SP5

SUSE Linux Enterprise Server 12: SP1 - SP5

SUSE Linux Enterprise High Performance Computing 12: SP2 - SP5

SUSE Linux Enterprise Server for SAP Applications: 12-SP4

SUSE Linux Enterprise Server: 12-SP2-LTSS-ERICSSON

SUSE Linux Enterprise Desktop: 12-SP5

spacecmd: before 5.0.11-38.153.1

supportutils-plugin-salt: before 1.2.3-6.25.1

mgrctl-bash-completion: before 0.1.28-1.16.1

mgrctl-zsh-completion: before 0.1.28-1.16.1

supportutils-plugin-susemanager-client: before 5.0.4-6.33.1

grafana: before 10.4.13-1.66.2

golang-github-prometheus-promu: before 0.17.0-1.24.1

golang-github-prometheus-prometheus: before 2.53.3-1.56.1

mgrctl-debuginfo: before 0.1.28-1.16.1

mgrctl: before 0.1.28-1.16.1

External links

https://www.suse.com/support/update/announcement/2025/suse-su-20250524-1/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


