CVE-2016-1601
CVE-2016-1601 · HIGH Severity
AV:N/AC:L/AU:N/C:C/I:C/A:C
yast2-users before 3.1.47, as used in SUSE Linux Enterprise 12 SP1, does not properly set empty password fields in /etc/shadow during an AutoYaST installation when the profile does not contain inst-sys users, which might allow attackers to have unspecified impact via unknown vectors.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.