Suse · Suse Linux Smt · CVE-2018-12472
**Name of the Vulnerable Software and Affected Versions**
SUSE Linux SMT versions prior to 3.0.37
**Description**
The issue is related to insufficient authentication procedure using the HOST header in SUSE Linux Subscription Management Tool (SMT), allowing a remote attacker to spoof a server.
**Recommendations**
For versions prior to 3.0.37, update to version 3.0.37 or later to resolve the issue.