CVE-2013-6838 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2013-6838 Interim 1 4 2021-06-16T08:40:25Z current 2021-05-30T13:16:39Z 2021-06-16T08:40:25Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2013-6838 An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro (VIP2000) 9.0.3 (rel903), when using OpenVZ and fallback customization, uses the same SSH private key across different customers' installations, which allows remote attackers to gain privileges by leveraging knowledge of this key. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/opensuse-updates/2014-01/msg00092.html E-Mail link for openSUSE-SU-2014:0138-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE 12.3 openSUSE 13.1 gnumeric-1.12.0-2.4.3 gnumeric-1.12.7-2.5.3 gnumeric-devel-1.12.0-2.4.3 gnumeric-devel-1.12.7-2.5.3 gnumeric-lang-1.12.0-2.4.3 gnumeric-lang-1.12.7-2.5.3 gnumeric-1.12.0-2.4.3 as a component of openSUSE 12.3 gnumeric-debuginfo-1.12.0-2.4.3 as a component of openSUSE 12.3 gnumeric-debugsource-1.12.0-2.4.3 as a component of openSUSE 12.3 gnumeric-devel-1.12.0-2.4.3 as a component of openSUSE 12.3 gnumeric-lang-1.12.0-2.4.3 as a component of openSUSE 12.3 gnumeric-1.12.7-2.5.3 as a component of openSUSE 13.1 gnumeric-debuginfo-1.12.7-2.5.3 as a component of openSUSE 13.1 gnumeric-debugsource-1.12.7-2.5.3 as a component of openSUSE 13.1 gnumeric-devel-1.12.7-2.5.3 as a component of openSUSE 13.1 gnumeric-lang-1.12.7-2.5.3 as a component of openSUSE 13.1 An unspecified Enghouse Interactive Professional Services "addon product" in Enghouse Interactive IVR Pro (VIP2000) 9.0.3 (rel903), when using OpenVZ and fallback customization, uses the same SSH private key across different customers' installations, which allows remote attackers to gain privileges by leveraging knowledge of this key. CVE-2013-6838 openSUSE 12.3:gnumeric-1.12.0-2.4.3 openSUSE 12.3:gnumeric-debuginfo-1.12.0-2.4.3 openSUSE 12.3:gnumeric-debugsource-1.12.0-2.4.3 openSUSE 12.3:gnumeric-devel-1.12.0-2.4.3 openSUSE 12.3:gnumeric-lang-1.12.0-2.4.3 openSUSE 13.1:gnumeric-1.12.7-2.5.3 openSUSE 13.1:gnumeric-debuginfo-1.12.7-2.5.3 openSUSE 13.1:gnumeric-debugsource-1.12.7-2.5.3 openSUSE 13.1:gnumeric-devel-1.12.7-2.5.3 openSUSE 13.1:gnumeric-lang-1.12.7-2.5.3 critical 10 AV:N/AC:L/Au:N/C:C/I:C/A:C