rpm package
suse/yast2-users&distro=SUSE Linux Enterprise Server 12 SP1
pkg:rpm/suse/yast2-users&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-1601 | Cri | 9.8 | < 3.1.41.3-9.1 | 3.1.41.3-9.1 | Apr 26, 2016 | yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vect |
- affected < 3.1.41.3-9.1fixed 3.1.41.3-9.1
yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vect