CVE-2023-32182 — MEDIUM (5.9)

Vulnerability Description

A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1.

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Opensuse	Leap	15.5
Suse	Linux Enterprise High Performance Computing	15.0
Suse	Suse Linux Enterprise Desktop	15

Related Weaknesses (CWE)

CWE-59

References

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32182ExploitIssue Tracking
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32182ExploitIssue Tracking

FAQ

What is CVE-2023-32182?

CVE-2023-32182 is a vulnerability with a CVSS score of 5.9 (MEDIUM). A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfi...

How severe is CVE-2023-32182?

CVE-2023-32182 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-32182?

Check the references section above for vendor advisories and patch information. Affected products include: Opensuse Leap, Suse Linux Enterprise High Performance Computing, Suse Suse Linux Enterprise Desktop.