Oval Definition:oval:org.opensuse.security:def:201819443
Revision Date:2021-10-24Version:1
Title:CVE-2018-19443
Description:

The client in Tryton 5.x before 5.0.1 tries to make a connection to the bus in cleartext instead of encrypted under certain circumstances in bus.py and jsonrpc.py. This connection attempt fails, but it contains in the header the current session of the user. This session could then be stolen by a man-in-the-middle.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-19443
Mitre CVE-2018-19443
SUSE CVE-2018-19443
openSUSE-SU-2018:4242-1
openSUSE-SU-2018:4248-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 42.3
SUSE Linux Enterprise High Performance Computing 15
SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Package Hub for SUSE Linux Enterprise 15
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • tryton-4.2.19-lp150.2.10 is installed
  • AND tryton is signed with openSUSE key
  • OR
  • trytond-4.2.17-lp150.2.15 is installed
  • AND trytond is signed with openSUSE key
  • OR
  • trytond_account-4.2.10-lp150.2.3 is installed
  • AND trytond_account is signed with openSUSE key
  • OR
  • trytond_account_invoice-4.2.7-lp150.2.3 is installed
  • AND trytond_account_invoice is signed with openSUSE key
  • OR
  • trytond_purchase_request-4.2.4-lp150.2.3 is installed
  • AND trytond_purchase_request is signed with openSUSE key
  • OR
  • trytond_stock-4.2.8-lp150.2.3 is installed
  • AND trytond_stock is signed with openSUSE key
  • OR
  • trytond_stock_supply-4.2.3-lp150.2.7 is installed
  • AND trytond_stock_supply is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • tryton-4.2.19-28 is installed
  • AND tryton is signed with openSUSE key
  • OR
  • trytond-4.2.17-33 is installed
  • AND trytond is signed with openSUSE key
  • OR
  • trytond_account-4.2.10-12 is installed
  • AND trytond_account is signed with openSUSE key
  • OR
  • trytond_account_invoice-4.2.7-2.3 is installed
  • AND trytond_account_invoice is signed with openSUSE key
  • OR
  • trytond_currency-4.2.2-6 is installed
  • AND trytond_currency is signed with openSUSE key
  • OR
  • trytond_purchase-4.2.6-9 is installed
  • AND trytond_purchase is signed with openSUSE key
  • OR
  • trytond_purchase_request-4.2.4-9 is installed
  • AND trytond_purchase_request is signed with openSUSE key
  • OR
  • trytond_stock-4.2.8-12 is installed
  • AND trytond_stock is signed with openSUSE key
  • OR
  • trytond_stock_supply-4.2.3-2.3 is installed
  • AND trytond_stock_supply is signed with openSUSE key
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND Package Information
  • tryton-4.2.19-bp150.2.6 is installed
  • OR trytond-4.2.17-bp150.2.6 is installed
  • OR trytond_account-4.2.10-bp150.3.3 is installed
  • OR trytond_account_invoice-4.2.7-bp150.3.3 is installed
  • OR trytond_purchase_request-4.2.4-bp150.3.3 is installed
  • OR trytond_stock-4.2.8-bp150.3.3 is installed
  • OR trytond_stock_supply-4.2.3-bp150.3.6 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 is installed
  • AND Package Information
  • tryton-4.2.19-bp150.2.6.1 is installed
  • OR trytond-4.2.17-bp150.2.6.1 is installed
  • OR trytond_account-4.2.10-bp150.3.3.1 is installed
  • OR trytond_account_invoice-4.2.7-bp150.3.3.1 is installed
  • OR trytond_purchase_request-4.2.4-bp150.3.3.1 is installed
  • OR trytond_stock-4.2.8-bp150.3.3.1 is installed
  • OR trytond_stock_supply-4.2.3-bp150.3.6.1 is installed
    • BACK