Zypper Commandline Package Update Tool Logfile Vulnerability

Zypper Commandline Package Update Tool Logfile Vulnerability

CVE-2017-9271 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used.

Learn more about our Web Application Penetration Testing UK.