CVE-2022-21952

Summary

A Missing Authentication for Critical Function vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to easily exhaust available disk resources leading to DoS. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37.

Affected Software

VendorProductVersion RangeStatus
SUSESUSE Manager Server 4.1spacewalk-java < 4.1.46affected
SUSESUSE Manager Server 4.2spacewalk-java < 4.2.37affected

Weaknesses

  • CWE-306: CWE-306: Missing Authentication for Critical Function

ADP Enrichment

CVE Program Container

Additional References

References