Detections
Analytics
SUSE SLES15 : Security update 4.3.16 for Multi-Linux Manager Proxy and Retail Branch Server (SUSE-SU-2025:02476-1)
medium Nessus Plugin ID 242656
Language:
Synopsis
The remote SUSE host is missing one or more security updates.Description
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02476-1 advisory.release-notes-susemanager-proxy:
- Update to SUSE Manager 4.3.16
* CVE Fixed CVE-2025-23392, CVE-2025-23393, CVE-2025-46809
* Bugs mentioned:
bsc#1236601, bsc#1236635, bsc#1236779, bsc#1237294, bsc#1238922 bsc#1239826, bsc#1240386, bsc#1242004, bsc#1243460, bsc#1245222 bsc#1245005
Tenable has extracted the preceding description block directly from the SUSE security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update the affected release-notes-susemanager and / or release-notes-susemanager-proxy packages.See Also
https://bugzilla.suse.com/1157520
https://bugzilla.suse.com/1191142
https://bugzilla.suse.com/1209060
https://bugzilla.suse.com/1211373
https://bugzilla.suse.com/1213952
https://bugzilla.suse.com/1216187
https://bugzilla.suse.com/1221031
https://bugzilla.suse.com/1225740
https://bugzilla.suse.com/1230403
https://bugzilla.suse.com/1230908
https://bugzilla.suse.com/1233371
https://bugzilla.suse.com/1234608
https://bugzilla.suse.com/1236601
https://bugzilla.suse.com/1236635
https://bugzilla.suse.com/1236779
https://bugzilla.suse.com/1236810
https://bugzilla.suse.com/1236877
https://bugzilla.suse.com/1236910
https://bugzilla.suse.com/1237060
https://bugzilla.suse.com/1237082
https://bugzilla.suse.com/1237294
https://bugzilla.suse.com/1237403
https://bugzilla.suse.com/1237581
https://bugzilla.suse.com/1237694
https://bugzilla.suse.com/1237770
https://bugzilla.suse.com/1238922
https://bugzilla.suse.com/1238924
https://bugzilla.suse.com/1239102
https://bugzilla.suse.com/1239154
https://bugzilla.suse.com/1239604
https://bugzilla.suse.com/1239743
https://bugzilla.suse.com/1239826
https://bugzilla.suse.com/1239868
https://bugzilla.suse.com/1239907
https://bugzilla.suse.com/1240038
https://bugzilla.suse.com/1240386
https://bugzilla.suse.com/1240666
https://bugzilla.suse.com/1240842
https://bugzilla.suse.com/1241239
https://bugzilla.suse.com/1241286
https://bugzilla.suse.com/1241455
https://bugzilla.suse.com/1241490
https://bugzilla.suse.com/1242004
https://bugzilla.suse.com/1242030
https://bugzilla.suse.com/1242148
https://bugzilla.suse.com/1242554
https://bugzilla.suse.com/1242911
https://bugzilla.suse.com/1243239
https://bugzilla.suse.com/1243460
https://bugzilla.suse.com/1243724
https://bugzilla.suse.com/1243825
https://bugzilla.suse.com/1244065
https://bugzilla.suse.com/1244290
https://bugzilla.suse.com/1245005
https://bugzilla.suse.com/1245027
https://bugzilla.suse.com/1245222
https://bugzilla.suse.com/1245368
https://bugzilla.suse.com/1246119
https://lists.suse.com/pipermail/sle-updates/2025-July/040893.html
https://www.suse.com/security/cve/CVE-2024-38822
https://www.suse.com/security/cve/CVE-2024-38823
https://www.suse.com/security/cve/CVE-2024-38824
https://www.suse.com/security/cve/CVE-2024-38825
https://www.suse.com/security/cve/CVE-2025-22236
https://www.suse.com/security/cve/CVE-2025-22237
https://www.suse.com/security/cve/CVE-2025-22238
https://www.suse.com/security/cve/CVE-2025-22239
https://www.suse.com/security/cve/CVE-2025-22240
https://www.suse.com/security/cve/CVE-2025-22241
https://www.suse.com/security/cve/CVE-2025-22242
https://www.suse.com/security/cve/CVE-2025-23392
https://www.suse.com/security/cve/CVE-2025-23393
Plugin Details
Severity: Medium
ID: 242656
File Name: suse_SU-2025-02476-1.nasl
Version: 1.1
Type: local
Agent: unix
Family: SuSE Local Security Checks
Published: 7/24/2025
Updated: 7/24/2025
Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.3
CVSS v2
Risk Factor: High
Base Score: 7.8
Temporal Score: 5.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N
CVSS Score Source: CVE-2024-38824
CVSS v3
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
CVSS v4
Risk Factor: Medium
Base Score: 5.6
Threat Score: 1.7
Threat Vector: CVSS:4.0/E:U
Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
CVSS Score Source: CVE-2025-23393
Vulnerability Information
CPE: p-cpe:/a:novell:suse_linux:release-notes-susemanager, p-cpe:/a:novell:suse_linux:release-notes-susemanager-proxy, cpe:/o:novell:suse_linux:15
Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 7/23/2025
Vulnerability Publication Date: 5/26/2025
Reference Information
CVE: CVE-2024-38822, CVE-2024-38823, CVE-2024-38824, CVE-2024-38825, CVE-2025-22236, CVE-2025-22237, CVE-2025-22238, CVE-2025-22239, CVE-2025-22240, CVE-2025-22241, CVE-2025-22242, CVE-2025-23392, CVE-2025-23393, CVE-2025-46809, CVE-2025-46811
SuSE: SUSE-SU-2025:02476-1