CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Suse: >> Yast2 Security Vulnerabilities

CVE-2016-1601

yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vectors.

CVSS Score

9.8

EPSS Score

0.005

Published

2016-04-26

Page 1

Vulnerabilities

Vulnerable Software

Suse: >> Yast2 Security Vulnerabilities

Products

Pricing

Contact Us