{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2019-10224","title":"Title"},{"category":"description","text":"A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2019-10224","url":"https://www.suse.com/security/cve/CVE-2019-10224"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1146088 for CVE-2019-10224","url":"https://bugzilla.suse.com/1146088"}],"title":"SUSE CVE CVE-2019-10224","tracking":{"current_release_date":"2025-10-07T09:33:31Z","generator":{"date":"2023-02-15T04:13:27Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2019-10224","initial_release_date":"2023-02-15T04:13:27Z","revision_history":[{"date":"2023-02-15T04:13:27Z","number":"2","summary":"Current version"},{"date":"2023-10-31T02:34:27Z","number":"3","summary":"Current version"},{"date":"2025-01-01T06:37:31Z","number":"4","summary":"Current version"},{"date":"2025-02-15T07:18:31Z","number":"5","summary":"Current version"},{"date":"2025-02-17T07:44:06Z","number":"6","summary":"Current version"},{"date":"2025-03-14T03:26:20Z","number":"7","summary":"Current version"},{"date":"2025-03-15T10:51:07Z","number":"8","summary":"Current version"},{"date":"2025-04-25T06:19:05Z","number":"9","summary":"Current version"},{"date":"2025-10-07T09:33:31Z","number":"10","summary":"Current version"}],"status":"interim","version":"10"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Enterprise Storage 6","product":{"name":"SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6","product_identification_helper":{"cpe":"cpe:/o:suse:ses:6"}}},{"category":"product_name","name":"SUSE Liberty Linux 8","product":{"name":"SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8","product_identification_helper":{"cpe":"cpe:/o:suse:sll:8"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15","product":{"name":"SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP1","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP1","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Server Applications 15","product":{"name":"SUSE Linux Enterprise Module for Server Applications 15","product_id":"SUSE Linux Enterprise Module for Server Applications 15","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-server-applications:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Server Applications 15 SP1","product":{"name":"SUSE Linux Enterprise Module for Server Applications 15 SP1","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-server-applications:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15","product":{"name":"SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP1","product":{"name":"SUSE Linux Enterprise Server 15 SP1","product_id":"SUSE Linux Enterprise Server 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp1"}}},{"category":"product_name","name":"SUSE Manager Proxy 4.0","product":{"name":"SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-proxy:4.0"}}},{"category":"product_name","name":"SUSE Manager Retail Branch Server 4.0","product":{"name":"SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-retail-branch-server:4.0"}}},{"category":"product_name","name":"SUSE Manager Server 4.0","product":{"name":"SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-server:4.0"}}},{"category":"product_version","name":"389-ds","product":{"name":"389-ds","product_id":"389-ds","product_identification_helper":{"cpe":"cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/389-ds@?upstream=389-ds.src.rpm"}}},{"category":"product_version","name":"389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product":{"name":"389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_id":"389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_identification_helper":{"purl":"pkg:rpm/suse/389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f@"}}},{"category":"product_version","name":"389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product":{"name":"389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_id":"389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_identification_helper":{"purl":"pkg:rpm/suse/389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f@"}}},{"category":"product_version","name":"389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product":{"name":"389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_id":"389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_identification_helper":{"purl":"pkg:rpm/suse/389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f@"}}},{"category":"product_version","name":"389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product":{"name":"389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_id":"389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_identification_helper":{"purl":"pkg:rpm/suse/389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f@"}}},{"category":"product_version","name":"389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product":{"name":"389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_id":"389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_identification_helper":{"purl":"pkg:rpm/suse/389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f@"}}},{"category":"product_version","name":"389-ds-devel","product":{"name":"389-ds-devel","product_id":"389-ds-devel","product_identification_helper":{"cpe":"cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/389-ds-devel@?upstream=389-ds.src.rpm"}}},{"category":"product_version","name":"389-ds-snmp","product":{"name":"389-ds-snmp","product_id":"389-ds-snmp","product_identification_helper":{"cpe":"cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/389-ds-snmp@?upstream=389-ds.src.rpm"}}},{"category":"product_version","name":"lib389","product":{"name":"lib389","product_id":"lib389","product_identification_helper":{"cpe":"cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/lib389@?upstream=389-ds.src.rpm"}}},{"category":"product_version","name":"libsvrcore0","product":{"name":"libsvrcore0","product_id":"libsvrcore0","product_identification_helper":{"cpe":"cpe:2.3:o:redhat:389_directory_server:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/libsvrcore0@?upstream=389-ds.src.rpm"}}},{"category":"product_version","name":"python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product":{"name":"python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_id":"python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","product_identification_helper":{"purl":"pkg:rpm/suse/python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f@"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as component of SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8:389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f"},"product_reference":"389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","relates_to_product_reference":"SUSE Liberty Linux 8"},{"category":"default_component_of","full_product_name":{"name":"389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as component of SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8:389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f"},"product_reference":"389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","relates_to_product_reference":"SUSE Liberty Linux 8"},{"category":"default_component_of","full_product_name":{"name":"389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as component of SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8:389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f"},"product_reference":"389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","relates_to_product_reference":"SUSE Liberty Linux 8"},{"category":"default_component_of","full_product_name":{"name":"389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as component of SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8:389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f"},"product_reference":"389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","relates_to_product_reference":"SUSE Liberty Linux 8"},{"category":"default_component_of","full_product_name":{"name":"389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as component of SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8:389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f"},"product_reference":"389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","relates_to_product_reference":"SUSE Liberty Linux 8"},{"category":"default_component_of","full_product_name":{"name":"python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f as component of SUSE Liberty Linux 8","product_id":"SUSE Liberty Linux 8:python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f"},"product_reference":"python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","relates_to_product_reference":"SUSE Liberty Linux 8"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Linux Enterprise Server 15"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Linux Enterprise Server 15"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Linux Enterprise Server 15"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Linux Enterprise Module for Server Applications 15","product_id":"SUSE Linux Enterprise Module for Server Applications 15:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Linux Enterprise Module for Server Applications 15","product_id":"SUSE Linux Enterprise Module for Server Applications 15:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Linux Enterprise Module for Server Applications 15","product_id":"SUSE Linux Enterprise Module for Server Applications 15:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Linux Enterprise Server 15 SP1","product_id":"SUSE Linux Enterprise Server 15 SP1:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Linux Enterprise Server 15 SP1","product_id":"SUSE Linux Enterprise Server 15 SP1:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"389-ds-snmp as component of SUSE Linux Enterprise Server 15 SP1","product_id":"SUSE Linux Enterprise Server 15 SP1:389-ds-snmp"},"product_reference":"389-ds-snmp","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"lib389 as component of SUSE Linux Enterprise Server 15 SP1","product_id":"SUSE Linux Enterprise Server 15 SP1:lib389"},"product_reference":"lib389","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Linux Enterprise Server 15 SP1","product_id":"SUSE Linux Enterprise Server 15 SP1:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"389-ds-snmp as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:389-ds-snmp"},"product_reference":"389-ds-snmp","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"lib389 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:lib389"},"product_reference":"lib389","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Linux Enterprise High Performance Computing 15 SP1","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Linux Enterprise High Performance Computing 15 SP1","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"389-ds-snmp as component of SUSE Linux Enterprise High Performance Computing 15 SP1","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1:389-ds-snmp"},"product_reference":"389-ds-snmp","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"lib389 as component of SUSE Linux Enterprise High Performance Computing 15 SP1","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1:lib389"},"product_reference":"lib389","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Linux Enterprise High Performance Computing 15 SP1","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Manager Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Manager Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"389-ds-snmp as component of SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0:389-ds-snmp"},"product_reference":"389-ds-snmp","relates_to_product_reference":"SUSE Manager Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"lib389 as component of SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0:lib389"},"product_reference":"lib389","relates_to_product_reference":"SUSE Manager Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Manager Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Manager Proxy 4.0"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Manager Proxy 4.0"},{"category":"default_component_of","full_product_name":{"name":"389-ds-snmp as component of SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0:389-ds-snmp"},"product_reference":"389-ds-snmp","relates_to_product_reference":"SUSE Manager Proxy 4.0"},{"category":"default_component_of","full_product_name":{"name":"lib389 as component of SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0:lib389"},"product_reference":"lib389","relates_to_product_reference":"SUSE Manager Proxy 4.0"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Manager Proxy 4.0"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Manager Retail Branch Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Manager Retail Branch Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"389-ds-snmp as component of SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0:389-ds-snmp"},"product_reference":"389-ds-snmp","relates_to_product_reference":"SUSE Manager Retail Branch Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"lib389 as component of SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0:lib389"},"product_reference":"lib389","relates_to_product_reference":"SUSE Manager Retail Branch Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Manager Retail Branch Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Enterprise Storage 6"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Enterprise Storage 6"},{"category":"default_component_of","full_product_name":{"name":"389-ds-snmp as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:389-ds-snmp"},"product_reference":"389-ds-snmp","relates_to_product_reference":"SUSE Enterprise Storage 6"},{"category":"default_component_of","full_product_name":{"name":"lib389 as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:lib389"},"product_reference":"lib389","relates_to_product_reference":"SUSE Enterprise Storage 6"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Enterprise Storage 6"},{"category":"default_component_of","full_product_name":{"name":"389-ds as component of SUSE Linux Enterprise Module for Server Applications 15 SP1","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP1:389-ds"},"product_reference":"389-ds","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"389-ds-devel as component of SUSE Linux Enterprise Module for Server Applications 15 SP1","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP1:389-ds-devel"},"product_reference":"389-ds-devel","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"389-ds-snmp as component of SUSE Linux Enterprise Module for Server Applications 15 SP1","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP1:389-ds-snmp"},"product_reference":"389-ds-snmp","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"lib389 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP1:lib389"},"product_reference":"lib389","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"libsvrcore0 as component of SUSE Linux Enterprise Module for Server Applications 15 SP1","product_id":"SUSE Linux Enterprise Module for Server Applications 15 SP1:libsvrcore0"},"product_reference":"libsvrcore0","relates_to_product_reference":"SUSE Linux Enterprise Module for Server Applications 15 SP1"}]},"vulnerabilities":[{"cve":"CVE-2019-10224","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-10224"}],"notes":[{"category":"general","text":"A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3. When executed in verbose mode, the dscreate and dsconf commands may display sensitive information, such as the Directory Manager password. An attacker, able to see the screen or record the terminal standard error output, could use this flaw to gain sensitive information.","title":"CVE description"}],"product_status":{"known_not_affected":["SUSE Enterprise Storage 6:389-ds","SUSE Enterprise Storage 6:389-ds-devel","SUSE Enterprise Storage 6:389-ds-snmp","SUSE Enterprise Storage 6:lib389","SUSE Enterprise Storage 6:libsvrcore0","SUSE Linux Enterprise High Performance Computing 15 SP1:389-ds","SUSE Linux Enterprise High Performance Computing 15 SP1:389-ds-devel","SUSE Linux Enterprise High Performance Computing 15 SP1:389-ds-snmp","SUSE Linux Enterprise High Performance Computing 15 SP1:lib389","SUSE Linux Enterprise High Performance Computing 15 SP1:libsvrcore0","SUSE Linux Enterprise High Performance Computing 15:389-ds","SUSE Linux Enterprise High Performance Computing 15:389-ds-devel","SUSE Linux Enterprise High Performance Computing 15:libsvrcore0","SUSE Linux Enterprise Module for Server Applications 15 SP1:389-ds","SUSE Linux Enterprise Module for Server Applications 15 SP1:389-ds-devel","SUSE Linux Enterprise Module for Server Applications 15 SP1:389-ds-snmp","SUSE Linux Enterprise Module for Server Applications 15 SP1:lib389","SUSE Linux Enterprise Module for Server Applications 15 SP1:libsvrcore0","SUSE Linux Enterprise Module for Server Applications 15:389-ds","SUSE Linux Enterprise Module for Server Applications 15:389-ds-devel","SUSE Linux Enterprise Module for Server Applications 15:libsvrcore0","SUSE Linux Enterprise Server 15 SP1:389-ds","SUSE Linux Enterprise Server 15 SP1:389-ds-devel","SUSE Linux Enterprise Server 15 SP1:389-ds-snmp","SUSE Linux Enterprise Server 15 SP1:lib389","SUSE Linux Enterprise Server 15 SP1:libsvrcore0","SUSE Linux Enterprise Server 15:389-ds","SUSE Linux Enterprise Server 15:389-ds-devel","SUSE Linux Enterprise Server 15:libsvrcore0","SUSE Linux Enterprise Server for SAP Applications 15 SP1:389-ds","SUSE Linux Enterprise Server for SAP Applications 15 SP1:389-ds-devel","SUSE Linux Enterprise Server for SAP Applications 15 SP1:389-ds-snmp","SUSE Linux Enterprise Server for SAP Applications 15 SP1:lib389","SUSE Linux Enterprise Server for SAP Applications 15 SP1:libsvrcore0","SUSE Linux Enterprise Server for SAP Applications 15:389-ds","SUSE Linux Enterprise Server for SAP Applications 15:389-ds-devel","SUSE Linux Enterprise Server for SAP Applications 15:libsvrcore0","SUSE Manager Proxy 4.0:389-ds","SUSE Manager Proxy 4.0:389-ds-devel","SUSE Manager Proxy 4.0:389-ds-snmp","SUSE Manager Proxy 4.0:lib389","SUSE Manager Proxy 4.0:libsvrcore0","SUSE Manager Retail Branch Server 4.0:389-ds","SUSE Manager Retail Branch Server 4.0:389-ds-devel","SUSE Manager Retail Branch Server 4.0:389-ds-snmp","SUSE Manager Retail Branch Server 4.0:lib389","SUSE Manager Retail Branch Server 4.0:libsvrcore0","SUSE Manager Server 4.0:389-ds","SUSE Manager Server 4.0:389-ds-devel","SUSE Manager Server 4.0:389-ds-snmp","SUSE Manager Server 4.0:lib389","SUSE Manager Server 4.0:libsvrcore0"],"recommended":["SUSE Liberty Linux 8:389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f"]},"references":[{"category":"external","summary":"CVE-2019-10224","url":"https://www.suse.com/security/cve/CVE-2019-10224"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1146088 for CVE-2019-10224","url":"https://bugzilla.suse.com/1146088"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Liberty Linux 8:389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f"]}],"scores":[{"cvss_v3":{"baseScore":4.6,"baseSeverity":"MEDIUM","vectorString":"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.0"},"products":["SUSE Liberty Linux 8:389-ds-base-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-devel-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-legacy-tools-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-libs-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:389-ds-base-snmp-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f","SUSE Liberty Linux 8:python3-lib389-1.4.1.3-7.module+el8.1.0+4150+5b8c2c1f"]}],"threats":[{"category":"impact","date":"2019-08-16T07:06:12Z","details":"moderate"}],"title":"CVE-2019-10224"}]}