https://bugzilla.suse.com/1231652
https://bugzilla.suse.com/1243271
https://lists.suse.com/pipermail/sle-updates/2025-May/039393.html
Severity: Medium
ID: 237536
File Name: suse_SU-2025-01738-1.nasl
Version: 1.1
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 5/30/2025
Updated: 5/30/2025
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Factor: Low
Score: 3.8
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.9
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSS Score Source: CVE-2024-6763
Risk Factor: Medium
Base Score: 5.3
Temporal Score: 4.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C
Risk Factor: Medium
Base Score: 6.3
Threat Score: 2.9
Threat Vector: CVSS:4.0/E:P
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
CPE: p-cpe:/a:novell:suse_linux:jetty-servlet, p-cpe:/a:novell:suse_linux:jetty-continuation, p-cpe:/a:novell:suse_linux:jetty-server, p-cpe:/a:novell:suse_linux:jetty-util-ajax, p-cpe:/a:novell:suse_linux:jetty-util, p-cpe:/a:novell:suse_linux:jetty-io, p-cpe:/a:novell:suse_linux:jetty-security, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:jetty-http
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 5/29/2025
Vulnerability Publication Date: 10/14/2024
CVE: CVE-2024-13009, CVE-2024-6763
SuSE: SUSE-SU-2025:01738-1