Missing Critical Step in Authentication
CVE-2011-3172
Summary
A vulnerability in pam_modules of SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE Linux Enterprise: versions prior to 12.
- LOW
- NETWORK
- LOW
- UNCHANGED
- NONE
- LOW
- LOW
- NONE
CWE-304 - Missing Critical Step in Authentication
The software implements an authentication technique, but it skips a step that weakens the technique.
References
Advisory Timeline
- Published
