VYPR
Unrated severityNVD Advisory· Published Feb 15, 2023· Updated Mar 18, 2025

supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh

CVE-2022-45154

Description

A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects: SUSE Linux Enterprise Server 12 supportutils version 3.0.10-95.51.1CWE-312: Cleartext Storage of Sensitive Information and prior versions. SUSE Linux Enterprise Server 15 supportutils version 3.1.21-150000.5.44.1 and prior versions. SUSE Linux Enterprise Server 15 SP3 supportutils version 3.1.21-150300.7.35.15.1 and prior versions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

30

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.