- Description
- A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Public Cloud 15-SP1, SUSE Linux Enterprise Module for Server Applications 15, SUSE Linux Enterprise Module for Server Applications 15-SP1, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1 allows remote attackers to cause DoS against rmt by requesting migrations. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise High Performance Computing 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Public Cloud 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Module for Server Applications 15 rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Module for Server Applications 15-SP1 rmt-server versions prior to 2.5.2-3.9.1. SUSE Linux Enterprise Server 15-LTSS rmt-server versions prior to 2.5.2-3.26.1. SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.5.2-3.26.1. openSUSE Leap 15.1 rmt-server versions prior to 2.5.2-lp151.2.9.1.
- Source
- meissner@suse.de
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opensuse:rmt-server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7ABB40A2-DE54-475F-BBBB-8FCD891E8100",
"versionEndIncluding": "2.5.2-3.26.1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_high_performance_computing:15.0:*:*:*:espos:*:*:*",
"vulnerable": false,
"matchCriteriaId": "BB4F0686-6047-45DE-A482-E879228FD52B"
},
{
"criteria": "cpe:2.3:a:suse:linux_enterprise_high_performance_computing:15.0:*:*:*:ltss:*:*:*",
"vulnerable": false,
"matchCriteriaId": "02069D2C-DA12-4EA9-806E-5A509351313B"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:-:*:*",
"vulnerable": false,
"matchCriteriaId": "B1B7847D-6C17-4817-B71E-C034894B70A9"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:ltss:*:*",
"vulnerable": false,
"matchCriteriaId": "293AC7BE-C913-40A1-AAA5-70BE6F3969EB"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:*:*:*:*:sap:*:*",
"vulnerable": false,
"matchCriteriaId": "C665A768-DBDA-4197-9159-A2791E98A84F"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opensuse:rmt-server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "21762B81-D97C-4519-A114-227CDCDE9D04",
"versionEndIncluding": "2.5.2-3.9.1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise:15.0:sp1:*:*:*:public_cloud:*:*",
"vulnerable": false,
"matchCriteriaId": "42E9552D-4E10-4AF0-B5A7-688815322465"
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:15:sp1:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8A2C602E-AA0C-44DF-BC22-E32CADF1F05B"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opensuse:rmt-server:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95E688AD-6FEB-4935-8376-FFDA0F137CF5",
"versionEndIncluding": "2.5.2-lp151.2.9.1"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]