CVE-2013-3710 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2013-3710 Interim 1 6 2022-03-01T01:09:05Z current 2021-05-30T13:13:20Z 2022-03-01T01:09:05Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2013-3710 SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2013-December/000656.html E-Mail link for SUSE-SU-2013:1813-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Lifecycle Management Server 1.3 slms-1.3.7-0.5.1 slms-core-1.3.7-0.5.1 slms-customer-center-1.3.7-0.5.1 slms-devel-doc-1.3.7-0.5.1 slms-external-1.3.7-0.5.1 slms-registration-1.3.7-0.5.1 slms-testsuite-1.3.7-0.5.1 slms-1.3.7-0.5.1 as a component of SUSE Lifecycle Management Server 1.3 slms-core-1.3.7-0.5.1 as a component of SUSE Lifecycle Management Server 1.3 slms-customer-center-1.3.7-0.5.1 as a component of SUSE Lifecycle Management Server 1.3 slms-devel-doc-1.3.7-0.5.1 as a component of SUSE Lifecycle Management Server 1.3 slms-external-1.3.7-0.5.1 as a component of SUSE Lifecycle Management Server 1.3 slms-registration-1.3.7-0.5.1 as a component of SUSE Lifecycle Management Server 1.3 slms-testsuite-1.3.7-0.5.1 as a component of SUSE Lifecycle Management Server 1.3 SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere. CVE-2013-3710 SUSE Lifecycle Management Server 1.3:slms-1.3.7-0.5.1 SUSE Lifecycle Management Server 1.3:slms-core-1.3.7-0.5.1 SUSE Lifecycle Management Server 1.3:slms-customer-center-1.3.7-0.5.1 SUSE Lifecycle Management Server 1.3:slms-devel-doc-1.3.7-0.5.1 SUSE Lifecycle Management Server 1.3:slms-external-1.3.7-0.5.1 SUSE Lifecycle Management Server 1.3:slms-registration-1.3.7-0.5.1 SUSE Lifecycle Management Server 1.3:slms-testsuite-1.3.7-0.5.1 critical 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N