Unrated severityNVD Advisory· Published Feb 15, 2023· Updated Mar 18, 2025
supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh
CVE-2022-45154
Description
A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects: SUSE Linux Enterprise Server 12 supportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions. SUSE Linux Enterprise Server 15 supportutils version 3.1.21-150000.5.44.1 and prior versions. SUSE Linux Enterprise Server 15 SP3 supportutils version 3.1.21-150300.7.35.15.1 and prior versions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
30- Range: <=3.0.10-95.51.1 (SLES12), <=3.1.21-150000.5.44.1 (SLES15), <=3.1.21-150300.7.35.15.1 (SLES15 SP3)
- osv-coords26 versionspkg:rpm/opensuse/supportutils&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/supportutils&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/supportutils&distro=openSUSE%20Tumbleweedpkg:rpm/suse/supportutils&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/supportutils&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/supportutils&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/supportutils&distro=SUSE%20Manager%20Server%204.2
< 3.1.26-150300.7.35.21.1+ 25 more
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.25-1.1
- (no CPE)range: < 3.1.26-150000.5.50.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150000.5.50.1
- (no CPE)range: < 3.1.26-150000.5.50.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.0.11-95.54.1
- (no CPE)range: < 3.1.26-150000.5.50.1
- (no CPE)range: < 3.1.26-150000.5.50.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.0.11-95.54.1
- (no CPE)range: < 3.1.26-150000.5.50.1
- (no CPE)range: < 3.1.26-150000.5.50.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
- (no CPE)range: < 3.1.26-150300.7.35.21.1
supportutils+ 2 more
- (no CPE)range: supportutils
- (no CPE)range: supportutils
- (no CPE)range: supportutils
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.