{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2019-19882","title":"Title"},{"category":"description","text":"shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2019-19882","url":"https://www.suse.com/security/cve/CVE-2019-19882"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1159633 for CVE-2019-19882","url":"https://bugzilla.suse.com/1159633"}],"title":"SUSE CVE CVE-2019-19882","tracking":{"current_release_date":"2025-07-31T23:32:09Z","generator":{"date":"2023-02-15T04:05:47Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2019-19882","initial_release_date":"2023-02-15T04:05:47Z","revision_history":[{"date":"2023-02-15T04:05:47Z","number":"2","summary":"Current version"},{"date":"2025-01-01T06:07:56Z","number":"3","summary":"Current version"},{"date":"2025-02-15T06:45:28Z","number":"4","summary":"Current version"},{"date":"2025-02-17T07:10:29Z","number":"5","summary":"Current version"},{"date":"2025-03-13T17:08:51Z","number":"6","summary":"Current version"},{"date":"2025-03-15T10:25:14Z","number":"7","summary":"Current version"},{"date":"2025-04-25T05:55:16Z","number":"8","summary":"Current version"},{"date":"2025-07-31T23:32:09Z","number":"9","summary":"Current version"}],"status":"interim","version":"9"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE CaaS Platform 3.0","product":{"name":"SUSE CaaS Platform 3.0","product_id":"SUSE CaaS Platform 3.0","product_identification_helper":{"cpe":"cpe:/o:suse:caasp:3.0"}}},{"category":"product_name","name":"SUSE Container as a Service Platform 2.0","product":{"name":"SUSE Container as a Service Platform 2.0","product_id":"SUSE Container as a Service Platform 2.0","product_identification_helper":{"cpe":"cpe:/o:suse:caasp:2.0"}}},{"category":"product_name","name":"SUSE Enterprise Storage 6","product":{"name":"SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6","product_identification_helper":{"cpe":"cpe:/o:suse:ses:6"}}},{"category":"product_name","name":"SUSE Linux Enterprise Desktop 12 SP4","product":{"name":"SUSE Linux Enterprise Desktop 12 SP4","product_id":"SUSE Linux Enterprise Desktop 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sled:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Desktop 15","product":{"name":"SUSE Linux Enterprise Desktop 15","product_id":"SUSE Linux Enterprise Desktop 15","product_identification_helper":{"cpe":"cpe:/o:suse:sled:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Desktop 15 SP1","product":{"name":"SUSE Linux Enterprise Desktop 15 SP1","product_id":"SUSE Linux Enterprise Desktop 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sled:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 12 SP4","product":{"name":"SUSE Linux Enterprise High Performance Computing 12 SP4","product_id":"SUSE Linux Enterprise High Performance Computing 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sle-hpc:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 12 SP5","product":{"name":"SUSE Linux Enterprise High Performance Computing 12 SP5","product_id":"SUSE Linux Enterprise High Performance Computing 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sle-hpc:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15","product":{"name":"SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise High Performance Computing 15 SP1","product":{"name":"SUSE Linux Enterprise High Performance Computing 15 SP1","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sle_hpc:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15","product_id":"SUSE Linux Enterprise Module for Basesystem 15","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Module for Basesystem 15 SP1","product":{"name":"SUSE Linux Enterprise Module for Basesystem 15 SP1","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sle-module-basesystem:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP1-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP1-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP2-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP2-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP3-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP3-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP3-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP4","product":{"name":"SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP4-LTSS","product":{"name":"SUSE Linux Enterprise Server 12 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:sles-ltss:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP5","product":{"name":"SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15","product":{"name":"SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 15 SP1","product":{"name":"SUSE Linux Enterprise Server 15 SP1","product_id":"SUSE Linux Enterprise Server 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sles:15:sp1"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server Teradata 12 SP3","product":{"name":"SUSE Linux Enterprise Server Teradata 12 SP3","product_id":"SUSE Linux Enterprise Server Teradata 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles_teradata:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP2","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP2","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP2","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp2"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp3"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp4"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:15:sp1"}}},{"category":"product_name","name":"SUSE Manager Proxy 4.0","product":{"name":"SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-proxy:4.0"}}},{"category":"product_name","name":"SUSE Manager Retail Branch Server 4.0","product":{"name":"SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-retail-branch-server:4.0"}}},{"category":"product_name","name":"SUSE Manager Server 4.0","product":{"name":"SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0","product_identification_helper":{"cpe":"cpe:/o:suse:suse-manager-server:4.0"}}},{"category":"product_version","name":"shadow","product":{"name":"shadow","product_id":"shadow","product_identification_helper":{"cpe":"cpe:2.3:a:shadow_project:shadow:*:*:*:*:*:*:*:*","purl":"pkg:rpm/suse/shadow@?upstream=shadow.src.rpm"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE CaaS Platform 3.0","product_id":"SUSE CaaS Platform 3.0:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE CaaS Platform 3.0"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Container as a Service Platform 2.0","product_id":"SUSE Container as a Service Platform 2.0:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Container as a Service Platform 2.0"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Desktop 12 SP4","product_id":"SUSE Linux Enterprise Desktop 12 SP4:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Desktop 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise High Performance Computing 12 SP4","product_id":"SUSE Linux Enterprise High Performance Computing 12 SP4:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise High Performance Computing 12 SP5","product_id":"SUSE Linux Enterprise High Performance Computing 12 SP5:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server 15","product_id":"SUSE Linux Enterprise Server 15:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server 15"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Desktop 15","product_id":"SUSE Linux Enterprise Desktop 15:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server for SAP Applications 15","product_id":"SUSE Linux Enterprise Server for SAP Applications 15:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise High Performance Computing 15","product_id":"SUSE Linux Enterprise High Performance Computing 15:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Module for Basesystem 15","product_id":"SUSE Linux Enterprise Module for Basesystem 15:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server 15 SP1","product_id":"SUSE Linux Enterprise Server 15 SP1:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Desktop 15 SP1","product_id":"SUSE Linux Enterprise Desktop 15 SP1:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Desktop 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1","product_id":"SUSE Linux Enterprise Server for SAP Applications 15 SP1:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise High Performance Computing 15 SP1","product_id":"SUSE Linux Enterprise High Performance Computing 15 SP1:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise High Performance Computing 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Manager Server 4.0","product_id":"SUSE Manager Server 4.0:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Manager Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Manager Proxy 4.0","product_id":"SUSE Manager Proxy 4.0:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Manager Proxy 4.0"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Manager Retail Branch Server 4.0","product_id":"SUSE Manager Retail Branch Server 4.0:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Manager Retail Branch Server 4.0"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Enterprise Storage 6","product_id":"SUSE Enterprise Storage 6:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Enterprise Storage 6"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Module for Basesystem 15 SP1","product_id":"SUSE Linux Enterprise Module for Basesystem 15 SP1:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Module for Basesystem 15 SP1"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server 12 SP1-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP1-LTSS:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP1-LTSS"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server 12 SP2-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP2-LTSS:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP2-LTSS"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server 12 SP3-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP3-LTSS:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP3-LTSS"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server 12 SP4","product_id":"SUSE Linux Enterprise Server 12 SP4:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server 12 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 12 SP4-LTSS:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server Teradata 12 SP3","product_id":"SUSE Linux Enterprise Server Teradata 12 SP3:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server Teradata 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP2:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP2"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP3:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP3"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP4:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP4"},{"category":"default_component_of","full_product_name":{"name":"shadow as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:shadow"},"product_reference":"shadow","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"}]},"vulnerabilities":[{"cve":"CVE-2019-19882","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2019-19882"}],"notes":[{"category":"general","text":"shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8).","title":"CVE description"}],"product_status":{"known_affected":["SUSE Linux Enterprise Server 12 SP4-LTSS:shadow"],"known_not_affected":["SUSE CaaS Platform 3.0:shadow","SUSE Container as a Service Platform 2.0:shadow","SUSE Enterprise Storage 6:shadow","SUSE Linux Enterprise Desktop 12 SP4:shadow","SUSE Linux Enterprise Desktop 15 SP1:shadow","SUSE Linux Enterprise Desktop 15:shadow","SUSE Linux Enterprise High Performance Computing 12 SP4:shadow","SUSE Linux Enterprise High Performance Computing 12 SP5:shadow","SUSE Linux Enterprise High Performance Computing 15 SP1:shadow","SUSE Linux Enterprise High Performance Computing 15:shadow","SUSE Linux Enterprise Module for Basesystem 15 SP1:shadow","SUSE Linux Enterprise Module for Basesystem 15:shadow","SUSE Linux Enterprise Server 12 SP1-LTSS:shadow","SUSE Linux Enterprise Server 12 SP2-LTSS:shadow","SUSE Linux Enterprise Server 12 SP3-LTSS:shadow","SUSE Linux Enterprise Server 12 SP4:shadow","SUSE Linux Enterprise Server 12 SP5:shadow","SUSE Linux Enterprise Server 15 SP1:shadow","SUSE Linux Enterprise Server 15:shadow","SUSE Linux Enterprise Server Teradata 12 SP3:shadow","SUSE Linux Enterprise Server for SAP Applications 12 SP2:shadow","SUSE Linux Enterprise Server for SAP Applications 12 SP3:shadow","SUSE Linux Enterprise Server for SAP Applications 12 SP4:shadow","SUSE Linux Enterprise Server for SAP Applications 12 SP5:shadow","SUSE Linux Enterprise Server for SAP Applications 15 SP1:shadow","SUSE Linux Enterprise Server for SAP Applications 15:shadow","SUSE Manager Proxy 4.0:shadow","SUSE Manager Retail Branch Server 4.0:shadow","SUSE Manager Server 4.0:shadow"]},"references":[{"category":"external","summary":"CVE-2019-19882","url":"https://www.suse.com/security/cve/CVE-2019-19882"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1159633 for CVE-2019-19882","url":"https://bugzilla.suse.com/1159633"}],"threats":[{"category":"impact","date":"2019-12-18T22:59:24Z","details":"important"}],"title":"CVE-2019-19882"}]}