CVE-2023-32182

Description

A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Affected products

SUSE / openSUSE Leap 15.5? – 3.7.3-150500.3.5.1
SUSE / SUSE Linux Enterprise Desktop 15 SP5? – 3.7.3-150500.3.5.1
SUSE / SUSE Linux Enterprise High Performance Computing 15 SP5? – 3.7.3-150500.3.5.1

References

MISChttps://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32182