CVE-2022-31248

Summary

A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java versions prior to 4.2.37-1.

Affected Software

VendorProductVersion RangeStatus
SUSESUSE Manager Server 4.1spacewalk-java < 4.1.46-1affected
SUSESUSE Manager Server 4.2spacewalk-java < 4.2.37-1affected

Weaknesses

  • CWE-204: CWE-204: Observable Response Discrepancy

ADP Enrichment

CVE Program Container

Additional References

References