CVE-2025-46809 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-46809 PUBLISHED CVSS 6.900000095367432 MEDIUM

A Insertion of Sensitive Information into Log File vulnerability in SUSE Multi Linux Manager exposes the HTTP proxy credentials. This issue affects Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1: from ? before 5.0.27-150600.3.33.1; Image SLES15-SP4-Manager-Server-4-3-BYOS: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2: from ? before 4.3.87-150400.3.110.2; Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE: from ? before 4.3.87-150400.3.110.2; SUSE Manager Server Module 4.3: from ? before 4.3.87-150400.3.110.2.

EPSS 0.03% · 8.7th percentile

Risk Scores

CVSS v4.0

6.900000095367432

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

EPSS Score

0.03%

8.7th percentile

Affected Products

Vendor	Product	Versions
SUSE	Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE	?
SUSE	Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2	?
SUSE	SUSE Manager Server Module 4.3	?
SUSE	SUSE Manager Proxy Module 4.3	?
SUSE	Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2	?
SUSE	Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE	?
SUSE	Image SLES15-SP4-Manager-Server-4-3-BYOS	?
SUSE	Container suse/manager/4.3/proxy-httpd:4.3.16.9.67.1	?
SUSE	Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure	?
SUSE	Image SLES15-SP4-Manager-Proxy-4-3-BYOS	?
SUSE	Container suse/manager/5.0/x86_64/proxy-httpd:5.0.5.7.23.1	?
SUSE	Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure	?
SUSE	Container suse/manager/5.0/x86_64/server:5.0.5.7.30.1	?

Timeline

Jul 31, 2025 Coalition ESS Score
Jul 31, 2025 CVE Published
Jul 31, 2025 PoC Published
Aug 1, 2025 EPSS Score
Aug 9, 2025 EPSS Score
Aug 17, 2025 EPSS Score
Aug 25, 2025 EPSS Score
Aug 26, 2025 Coalition ESS Score
Sep 3, 2025 EPSS Score
Sep 11, 2025 EPSS Score
Sep 19, 2025 EPSS Score
Sep 27, 2025 EPSS Score

References

Open in Interactive Console →