World-readable permissions for secret keys in SUSE Lifecycle Management Server (SLMS) before 1.3.7 vulnerability

CVE-2013-7042 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

SUSE Lifecycle Management Server (SLMS) before 1.3.7 uses world-readable permissions for the secret keys, which allows local users to gain privileges via unspecified vectors.

Learn more about our Cis Benchmark Audit For Server Software.