SUSE SLES15 / openSUSE 15 Security Update : saphanabootstrap-formula (SUSE-SU-2023:0009-1)

high Nessus Plugin ID 169472

Synopsis

The remote SUSE host is missing a security update.

Description

The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0009-1 advisory.

- Version bump 0.13.1
* revert changes to spec file to re-enable SLES RPM builds
* CVE-2022-45153: Fixed privilege escalation for arbitrary users in hana/ha_cluster.sls (bsc#1205990)

- Version bump 0.13.0
* pass sid to sudoers in a SLES12 compatible way
* add location constraint to gcp_stonith

- Version bump 0.12.1
* moved templates dir into hana dir in repository to be gitfs compatible

- Version bump 0.12.0
* add SAPHanaSR takeover blocker

- Version bump 0.11.0
* use check_cmd instead of tmp sudoers file
* make sudoers rules more secure
* migrate sudoers to template file

- Version bump 0.10.1
* fix hook removal conditions
* fix majority_maker code in the case where the grain is empty

- Version bump 0.10.0
* allow disabling the shared HANA basepath and rework the add_hosts code (enables HANA scale-out on AWS)
* do not edit global.ini directly (if not needed)

- Version bump 0.9.1
* fix majority_maker code in the case where the grain is empty

- Version bump 0.9.0
* define vip_mechanism for every provider and reorder resources (same schema for all SAP related formulas)

- Version bump 0.8.1
* use multi-target Hook on HANA scale-out

- Version bump 0.8.0
* add HANA scale-out support
* add idempotence so that a running HANA and cluster are not affected

- Version bump 0.7.2
* add native fencing for microsoft-azure

- fixes a non-working import of dbapi in SUSE/ha-sap-terraform-deployments#703
- removes the installation and extraction of all hdbcli files in the /hana/shared/srHook directory
- fixes execution order of srTakeover/srCostOptMemConfig hook
- renames and updates hook srTakeover to srCostOptMemConfig

- Changing exporter stickiness to 0, adjusting the colocation score from +inf to -inf and changing the colocation from Master to Slave. This change fixes the impact of a failed exporter with regard to the HANA DB.

- Document extra_parameters in pillar.example (bsc#1185643)

- Change hanadb_exporter default timeout value to 30 seconds

- Set correct stickiness for the azure-lb resource. The azure-lb resource receives stickiness=0 so that it does not influence transition calculations, as the HANA resources have higher priority.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected saphanabootstrap-formula package.

See Also

https://bugzilla.suse.com/1185643

https://bugzilla.suse.com/1205990

https://www.suse.com/security/cve/CVE-2022-45153

http://www.nessus.org/u?33a5d6dd

Plugin Details

Severity: High

ID: 169472

File Name: suse_SU-2023-0009-1.nasl

Version: 1.8

Type: Local

Agent: unix

Published: 1/3/2023

Updated: 6/26/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, tenable_cloud_security, tenable_self_hosted_container_security, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2022-45153

CVSS v3

Risk Factor: High

Base Score: 7.8

Temporal Score: 7

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:saphanabootstrap-formula, cpe:/o:novell:suse_linux:15

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 1/2/2023

Vulnerability Publication Date: 2/15/2023

Reference Information

CVE: CVE-2022-45153

SuSE: SUSE-SU-2023:0009-1