Vulnerability Description
The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Novell | Suse Linux | 10 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
- http://osvdb.org/70405
- http://secunia.com/advisories/42877
- http://www.vupen.com/english/advisories/2011/0076
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64690
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
- http://osvdb.org/70405
- http://secunia.com/advisories/42877
- http://www.vupen.com/english/advisories/2011/0076
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64690
FAQ
What is CVE-2010-3912?
CVE-2010-3912 is a vulnerability with a CVSS score of 10.0 (HIGH). The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors.
How severe is CVE-2010-3912?
CVE-2010-3912 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-3912?
Check the references section above for vendor advisories and patch information. Affected products include: Novell Suse Linux.