CVE-2023-32182

Summary

A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1.

Affected Software

VendorProductVersion RangeStatus
SUSESUSE Linux Enterprise Desktop 15 SP5? < 3.7.3-150500.3.5.1affected
SUSESUSE Linux Enterprise High Performance Computing 15 SP5? < 3.7.3-150500.3.5.1affected
SUSEopenSUSE Leap 15.5? < 3.7.3-150500.3.5.1affected

Weaknesses

  • CWE-59: CWE-59: Improper Link Resolution Before File Access ('Link Following')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References