Vulnerability in Suse Studio_extension_for_system_z

CVE-2013-3712

SUSE Studio Onsite 1.3.x before 1.3.6 and SUSE Studio Extension for System z 1.3 uses "static" secret tokens, which has unspecified impact and vectors.

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.004 (63.8th percentile) — read the EPSS interpretation.

Affected products

Suse Studio_extension_for_system_z — versions 1.3
Suse Studio_onsite — versions 1.3, 1.3.1, 1.3.2
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

References

SUSE-SU-2014:0254 (vendor-advisory, x_refsource_SUSE, Vendor Advisory)
57050 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)