Suse · Suse Manager Server · CVE-2024-22037
**Name of the Vulnerable Software and Affected Versions**
SUSE Manager Server (affected versions not specified)
**Description**
The issue concerns the exposure of sensitive system information due to the uyuni-server-attestation systemd service needing a `database password` environment variable. Although the file containing this variable has 640 permission and cannot be directly shown to users, the environment is still exposed by systemd to non-privileged users, potentially leading to unauthorized access.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.