Oval Definition:	oval:org.opensuse.security:def:20223287
Revision Date: 2023-06-22 Version: 1 Title: CVE-2022-3287 Description: When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated password to /etc/fwupd/redfish.conf without proper restriction, allowing any user on the system to read the same configuration file. Family: unix Class: vulnerability Status: Reference(s): Mitre CVE-2022-3287 SUSE CVE-2022-3287 Platform(s): SUSE Linux Enterprise Desktop 15 SP5 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise Module for Desktop Applications 15 SP5 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP5 Product(s): Definition Synopsis Release Information SUSE Linux Enterprise Desktop 15 SP5 is installed OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed OR SUSE Linux Enterprise Module for Desktop Applications 15 SP5 is installed OR SUSE Linux Enterprise Server 15 SP5 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed AND Package Information fwupd-1.8.6-150500.2.2 is installed OR fwupd-bash-completion-1.8.6-150500.2.2 is installed OR fwupd-devel-1.8.6-150500.2.2 is installed OR fwupd-lang-1.8.6-150500.2.2 is installed OR libfwupd2-1.8.6-150500.2.2 is installed OR typelib-1_0-Fwupd-2_0-1.8.6-150500.2.2 is installed
BACK