Unrated severityNVD Advisory· Published Jun 22, 2022· Updated Sep 16, 2024
SUMA user enumeration via weak error message
CVE-2022-31248
Description
A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
106- Range: <4.1.46-1
- osv-coords103 versionspkg:rpm/suse/apache-commons-csv&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/apache-commons-csv&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/apache-commons-math3&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/apache-commons-math3&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/drools&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/drools&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/golang-github-prometheus-node_exporter&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/golang-github-QubitProducts-exporter_exporter&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/image-sync-formula&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/inter-server-sync&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/inter-server-sync&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/jakarta-commons-validator&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/jakarta-commons-validator&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/jose4j&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/jose4j&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/kie-api&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/kie-api&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/mvel2&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/mvel2&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/optaplanner&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/optaplanner&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/patterns-suse-manager&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/postgresql-jdbc&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/prometheus-exporters-formula&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/prometheus-formula&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/prometheus-formula&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/py27-compat-salt&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/py27-compat-salt&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/python-susemanager-retail&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/python-susemanager-retail&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/python-urlgrabber&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/release-notes-susemanager&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/release-notes-susemanager&distro=SUSE%20Manager%20Server%204.2pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/release-notes-susemanager-proxy&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.2pkg:rpm/suse/reprepro&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/salt-netapi-client&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/salt-netapi-client&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/smdba&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/smdba&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacecmd&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-admin&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-backend&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-branding&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-certs-tools&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-client-tools&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-config&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-java&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-search&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-search&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-setup&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacewalk-setup&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-setup&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-utils&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/spacewalk-web&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/subscription-matcher&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/subscription-matcher&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/subscription-matcher&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Manager%20Proxy%20Module%204.2pkg:rpm/suse/supportutils-plugin-salt&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-build-keys&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager-doc-indexes&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/susemanager-doc-indexes&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-docs_en&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-schema&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Server%20Module%204.1pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/susemanager-sls&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/susemanager-sync-data&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/uyuni-common-libs&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/virtual-host-gatherer&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/virtual-host-gatherer&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/woodstox&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/woodstox&distro=SUSE%20Manager%20Server%20Module%204.3pkg:rpm/suse/xmlpull-api&distro=SUSE%20Manager%20Server%20Module%204.2pkg:rpm/suse/xmlpull-api&distro=SUSE%20Manager%20Server%20Module%204.3
< 1.2-150300.3.3.2+ 102 more
- (no CPE)range: < 1.2-150300.3.3.2
- (no CPE)range: < 1.2-150400.3.3.1
- (no CPE)range: < 3.2-150300.3.3.2
- (no CPE)range: < 3.2-150400.3.3.1
- (no CPE)range: < 7.17.0-150300.4.3.2
- (no CPE)range: < 7.17.0-150400.3.3.1
- (no CPE)range: < 0.7.0-150200.2.6.2
- (no CPE)range: < 1.3.0-150200.3.9.3
- (no CPE)range: < 0.4.0-150200.6.12.2
- (no CPE)range: < 0.1.1658330139.861779d-150400.3.3.1
- (no CPE)range: < 0.2.2-150300.8.17.1
- (no CPE)range: < 0.2.3-150400.3.3.1
- (no CPE)range: < 1.1.4-21.150300.21.3.3
- (no CPE)range: < 1.1.4-21.150400.21.3.4
- (no CPE)range: < 0.5.1-150300.3.3.2
- (no CPE)range: < 0.5.1-150400.3.3.1
- (no CPE)range: < 7.17.0-150300.4.3.2
- (no CPE)range: < 7.17.0-150400.3.3.1
- (no CPE)range: < 2.2.6.Final-150300.3.3.2
- (no CPE)range: < 2.2.6.Final-150400.3.3.1
- (no CPE)range: < 7.17.0-150300.4.3.2
- (no CPE)range: < 7.17.0-150400.3.3.1
- (no CPE)range: < 4.1-150200.6.12.2
- (no CPE)range: < 42.2.10-150200.3.8.2
- (no CPE)range: < 0.9.5-150200.3.31.2
- (no CPE)range: < 0.3.7-150200.3.21.2
- (no CPE)range: < 0.6.2-150300.3.14.1
- (no CPE)range: < 3000.3-150200.6.24.2
- (no CPE)range: < 3000.3-150300.7.7.20.2
- (no CPE)range: < 1.0.1653987003.92d4870-150300.3.3.2
- (no CPE)range: < 1.0.1658330139.861779d-150400.3.3.1
- (no CPE)range: < 4.1.0-150400.3.3.1
- (no CPE)range: < 4.1.15-150200.3.80.1
- (no CPE)range: < 4.2.7-150300.3.44.1
- (no CPE)range: < 4.1.15-150200.3.56.1
- (no CPE)range: < 4.2.7-150300.3.31.2
- (no CPE)range: < 4.1.15-150200.3.56.1
- (no CPE)range: < 4.2.7-150300.3.31.2
- (no CPE)range: < 5.3.0-150400.3.3.1
- (no CPE)range: < 0.19.0-150300.3.6.1
- (no CPE)range: < 0.20.0-150400.3.3.5
- (no CPE)range: < 1.7.10-0.150300.3.6.1
- (no CPE)range: < 1.7.10-0.150400.4.3.1
- (no CPE)range: < 4.2.17-150300.4.21.4
- (no CPE)range: < 4.1.18-150200.4.39.3
- (no CPE)range: < 4.2.17-150300.4.21.4
- (no CPE)range: < 4.3.14-150400.3.3.2
- (no CPE)range: < 4.2.11-150300.3.12.3
- (no CPE)range: < 4.2.22-150300.4.23.1
- (no CPE)range: < 4.1.31-150200.4.50.4
- (no CPE)range: < 4.2.22-150300.4.23.1
- (no CPE)range: < 4.3.15-150400.3.3.5
- (no CPE)range: < 4.2.14-150300.3.12.3
- (no CPE)range: < 4.2.16-150300.3.18.3
- (no CPE)range: < 4.2.16-150300.3.18.3
- (no CPE)range: < 4.3.14-150400.3.3.2
- (no CPE)range: < 4.2.19-150300.4.21.3
- (no CPE)range: < 4.3.11-150400.3.3.4
- (no CPE)range: < 4.3.9-150400.3.3.3
- (no CPE)range: < 4.3.5-150400.3.3.2
- (no CPE)range: < 4.1.46-150200.3.71.5
- (no CPE)range: < 4.2.38-150300.3.35.1
- (no CPE)range: < 4.3.35-150400.3.3.5
- (no CPE)range: < 4.2.7-150300.3.9.2
- (no CPE)range: < 4.3.6-150400.3.3.3
- (no CPE)range: < 4.1.11-150200.3.18.2
- (no CPE)range: < 4.2.11-150300.3.15.2
- (no CPE)range: < 4.3.10-150400.3.3.3
- (no CPE)range: < 4.1.20-150200.3.30.2
- (no CPE)range: < 4.2.16-150300.3.15.5
- (no CPE)range: < 4.3.13-150400.3.3.3
- (no CPE)range: < 4.2.27-150300.3.21.7
- (no CPE)range: < 4.1.34-150200.3.47.6
- (no CPE)range: < 4.2.27-150300.3.21.7
- (no CPE)range: < 4.3.23-150400.3.3.4
- (no CPE)range: < 0.28-150200.3.15.2
- (no CPE)range: < 0.29-150300.6.9.2
- (no CPE)range: < 0.29-150400.3.3.1
- (no CPE)range: < 1.2.0-150300.3.3.1
- (no CPE)range: < 1.2.0-150300.3.3.1
- (no CPE)range: < 15.4.3-150400.3.3.1
- (no CPE)range: < 4.1.36-150200.3.52.1
- (no CPE)range: < 4.2.32-150300.3.31.1
- (no CPE)range: < 4.3.18-150400.3.3.2
- (no CPE)range: < 4.1-150200.11.55.4
- (no CPE)range: < 4.2-150300.12.27.6
- (no CPE)range: < 4.1-150200.11.55.2
- (no CPE)range: < 4.2-150300.12.27.1
- (no CPE)range: < 4.3-150400.9.3.1
- (no CPE)range: < 4.1.26-150200.3.45.4
- (no CPE)range: < 4.2.22-150300.3.21.6
- (no CPE)range: < 4.3.13-150400.3.3.3
- (no CPE)range: < 4.1.36-150200.3.64.2
- (no CPE)range: < 4.2.23-150300.3.25.4
- (no CPE)range: < 4.3.24-150400.3.3.1
- (no CPE)range: < 4.2.12-150300.3.18.3
- (no CPE)range: < 4.3.5-150400.3.3.2
- (no CPE)range: < 1.0.23-150300.3.3.1
- (no CPE)range: < 1.0.23-150400.3.3.1
- (no CPE)range: < 4.4.2-150300.3.3.2
- (no CPE)range: < 4.4.2-150400.3.3.1
- (no CPE)range: < 1.1.3.1-150300.3.3.2
- (no CPE)range: < 1.1.3.1-150400.3.3.1
spacewalk-java+ 1 more
- (no CPE)range: spacewalk-java
- (no CPE)range: spacewalk-java
Patches
Vulnerability mechanics
References
1- bugzilla.suse.com/show_bug.cgimitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.