Oval Definition:oval:org.opensuse.security:def:202136370
Revision Date:2022-09-02Version:1
Title:CVE-2021-36370
Description:

An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2021-36370
SUSE CVE-2021-36370
openSUSE-SU-2022:0061-1
Platform(s):openSUSE Leap 15.3
openSUSE Leap 15.4
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Server 11 SP1
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • mc-4.8.27-1.1 is installed
  • OR mc-lang-4.8.27-1.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP1 is installed
  • OR SUSE Linux Enterprise Server 11 SP3 is installed
  • AND mc is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • mc is affected
  • OR mc-lang is affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • mc is affected
  • OR mc-lang is affected
    • Definition Synopsis
  • openSUSE Leap 15.3 is installed
  • AND Package Information
  • mc-4.8.27-bp153.2.3.1 is installed
  • AND mc is signed with openSUSE key
  • OR
  • mc-lang-4.8.27-bp153.2.3.1 is installed
  • AND mc-lang is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 15.4 is installed
  • AND Package Information
  • mc-4.8.27-bp154.1.50 is installed
  • AND mc is signed with openSUSE key
  • OR
  • mc-lang-4.8.27-bp154.1.50 is installed
  • AND mc-lang is signed with openSUSE key
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND Package Information
  • mc is affected
  • OR mc-lang is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND mc is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • mc is affected
  • OR mc-lang is affected
    • BACK