SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2013-12-10T15:00:00
Updated: 2013-12-10T14:57:01
Reserved: 2013-05-30T00:00:00
Link: CVE-2013-3710
JSON object: View
NVD Information
Status : Analyzed
Published: 2013-12-10T16:55:25.447
Modified: 2013-12-12T15:18:15.640
Link: CVE-2013-3710
JSON object: View
Redhat Information
No data.
CWE