VYPR

yast2-users

by SUSE S.A.

CVEs (1)

  • CVE-2016-1601CriApr 26, 2016
    risk 0.64cvss 9.8epss 0.02

    yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown…