CVE-2025-46809
Plain text HTTP Proxy user and password in repolog accessible from the Multi Linux Manager UI
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Plain text HTTP Proxy user and password in repolog accessible from the Multi Linux Manager UI
A Insertion of Sensitive Information into Log File vulnerability in SUSE Multi Linux Manager exposes the HTTP proxy credentials. This issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.27-150600.3.33.1; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.87-150400.3.110.2; SUSE Manager Server Module 4.3: from ? before 4.3.87-150400.3.110.2.
Reserved 2025-04-30 | Published 2025-07-31 | Updated 2025-07-31 | Assigner suseCWE-532: Insertion of Sensitive Information into Log File
bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46809
Support options
