CVE-2011-3172

A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE Linux Enterprise: versions prior to 12.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
Affected Products (NVD)
VendorProductVersion
susesuse_linux_enterprise_server
𝑥
< 12.0
𝑥
= Vulnerable software versions
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
pam-modules
suse enterprise sap 12 SP5
12.1-23.12
fixed
suse enterprise server 12
12.1-23.6
fixed
suse enterprise server 12 SP1
12.1-23.12
fixed
suse enterprise server 12 SP2
12.1-23.6
fixed
suse enterprise server 12 SP3
12.1-23.6
fixed
suse enterprise server 12 SP4
12.1-23.6
fixed
suse enterprise server 12 SP5
12.1-23.6
fixed
pam-modules-32bit
suse enterprise sap 12 SP5
12.1-23.12
fixed
suse enterprise server 12
12.1-23.12
fixed
suse enterprise server 12 SP1
12.1-23.12
fixed
suse enterprise server 12 SP2
12.1-23.12
fixed
suse enterprise server 12 SP3
12.1-23.12
fixed
suse enterprise server 12 SP4
12.1-23.12
fixed
suse enterprise server 12 SP5
12.1-23.12
fixed
Common Weakness Enumeration
References
https://bugzilla.suse.com/show_bug.cgi?id=707645
https://build.opensuse.org/request/show/80346
https://bugzilla.suse.com/show_bug.cgi?id=707645
https://build.opensuse.org/request/show/80346