CVE-2023-32182

2023-09-1916:15:09

CWE-59

[email protected]

web.nvd.nist.gov

improper link resolution

file access

suse

linux

security vulnerability

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

6.4

Confidence

High

EPSS

Percentile

9.0%

JSON

A Improper Link Resolution Before File Access (‘Link Following’) vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1.

Affected configurations

Nvd

Node

opensuseleapMatch15.5

suselinux_enterprise_high_performance_computingMatch15.0sp5-

susesuse_linux_enterprise_desktopMatch15sp5

VendorProductVersionCPE
opensuseleap15.5cpe:2.3:o:opensuse:leap:15.5:*:*:*:*:*:*:*
suselinux_enterprise_high_performance_computing15.0cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp5:*:*:-:*:*:*
susesuse_linux_enterprise_desktop15cpe:2.3:o:suse:suse_linux_enterprise_desktop:15:sp5:*:*:*:*:*:*

Vendor	Product	Version	CPE
opensuse	leap	15.5	cpe:2.3:o:opensuse:leap:15.5:::::::*
suse	linux_enterprise_high_performance_computing	15.0	cpe:2.3:o:suse:linux_enterprise_high_performance_computing:15.0:sp5:::-:::*
suse	suse_linux_enterprise_desktop	15	cpe:2.3:o:suse:suse_linux_enterprise_desktop:15:sp5::::::