Suse Subscription Management Tool — known CVE vulnerabilities
Every CVE whose affected-product data names Suse Subscription Management Tool, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2018-12470 — CVSS 9.8 (critical): A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to cause execute arbitrary SQL statements…
CVE-2018-12472 — CVSS 7.3 (high): A improper authentication using the HOST header in SUSE Linux SMT allows remote attackers to spoof a sibling server. Affected releases are…
CVE-2018-12471 — CVSS 6.5 (medium): A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT allows remote attackers to read data from the server or cause DoS by…