CVE-2017-15638
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; before 3.6.312.333-3.10.1 in SLE Desktop 12 SP3 and Server 12 SP3; before 3.6_SVNr208-2.18.3.1 in SLE Server 11 SP4; before 3.6.312-5.9.1 in openSUSE Leap 42.2; and before 3.6.312.333-7.1 in openSUSE Leap 42.3 might allow remote attackers to bypass intended access restrictions on the portmap service by leveraging a missing source net restriction for _rpc_ services.
El paquete SuSEfirewall2 en versiones anteriores a la 3.6.312-2.13.1 en SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2 y Server para Raspberry Pi 12 SP2; en versiones anteriores a la 3.6.312.333-3.10.1 en SLE Desktop 12 SP3 y Server 12 SP3; en versiones anteriores a la 3.6_SVNr208-2.18.3.1 en SLE Server 11 SP4; en versiones anteriores a la 3.6.312-5.9.1 en openSUSE Leap 42.2 y en versiones anteriores a la 3.6.312.333-7.1 en openSUSE Leap 42.3 podrÃa permitir que atacantes remotos omitan las restricciones de acceso planeadas en el servicio portmap aprovechando la ausencia de una restricción de red de origen para servicios _rpc_.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-10-19 CVE Reserved
- 2017-11-09 CVE Published
- 2024-07-22 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-updates/2017-11/msg00014.html | 2019-10-03 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Suse Search vendor "Suse" | Susefirewall2 Search vendor "Suse" for product "Susefirewall2" | - | - |
Affected
| in | Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 42.2 Search vendor "Opensuse" for product "Leap" and version "42.2" | - |
Safe
|
Suse Search vendor "Suse" | Susefirewall2 Search vendor "Suse" for product "Susefirewall2" | - | - |
Affected
| in | Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 42.3 Search vendor "Opensuse" for product "Leap" and version "42.3" | - |
Safe
|
Suse Search vendor "Suse" | Susefirewall2 Search vendor "Suse" for product "Susefirewall2" | - | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Desktop Search vendor "Suse" for product "Linux Enterprise Desktop" | 12 Search vendor "Suse" for product "Linux Enterprise Desktop" and version "12" | sp2 |
Safe
|
Suse Search vendor "Suse" | Susefirewall2 Search vendor "Suse" for product "Susefirewall2" | - | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Desktop Search vendor "Suse" for product "Linux Enterprise Desktop" | 12 Search vendor "Suse" for product "Linux Enterprise Desktop" and version "12" | sp3 |
Safe
|
Suse Search vendor "Suse" | Susefirewall2 Search vendor "Suse" for product "Susefirewall2" | - | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 11 Search vendor "Suse" for product "Linux Enterprise Server" and version "11" | sp4 |
Safe
|
Suse Search vendor "Suse" | Susefirewall2 Search vendor "Suse" for product "Susefirewall2" | - | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | sp2 |
Safe
|
Suse Search vendor "Suse" | Susefirewall2 Search vendor "Suse" for product "Susefirewall2" | - | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server Search vendor "Suse" for product "Linux Enterprise Server" | 12 Search vendor "Suse" for product "Linux Enterprise Server" and version "12" | sp3 |
Safe
|
Suse Search vendor "Suse" | Susefirewall2 Search vendor "Suse" for product "Susefirewall2" | - | - |
Affected
| in | Suse Search vendor "Suse" | Linux Enterprise Server For Raspberry Pi Search vendor "Suse" for product "Linux Enterprise Server For Raspberry Pi" | 12 Search vendor "Suse" for product "Linux Enterprise Server For Raspberry Pi" and version "12" | sp2 |
Safe
|