Unrated severityNVD Advisory· Published Dec 26, 2018· Updated Sep 16, 2024
yast2-rmt leaks database passwords in process list
CVE-2018-17957
Description
The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the RMT database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- Range: <1.1.2
- osv-coords2 versionspkg:rpm/opensuse/yast2-rmt&distro=openSUSE%20Tumbleweedpkg:rpm/suse/yast2-rmt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015
< 1.3.3-1.2+ 1 more
- (no CPE)range: < 1.3.3-1.2
- (no CPE)range: < 1.1.2-3.11.1
Patches
Vulnerability mechanics
References
2- bugzilla.suse.com/show_bug.cgimitrex_refsource_CONFIRM
- lists.opensuse.org/opensuse-security-announce/2018-12/msg00068.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.