Suse - Studio Onsite CVE

Filtered by vendor Suse Subscribe

Filtered by product Studio Onsite

Total 22 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2013-3712	1 Suse	2 Studio Extension For System Z, Studio Onsite	2014-03-10	10.0 HIGH	N/A
SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors.
CVE-2013-3709	2 Novell, Suse	3 Suse Lifecycle Management Server, Studio Onsite, Webyast	2014-01-14	7.2 HIGH	N/A
WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.

Vulnerabilities (CVE)