Will Kline

**Name of the Vulnerable Software and Affected Versions** SUSE Longhorn versions prior to 1.1.3 SUSE Longhorn versions prior to 1.2.3 **Description** A Missing Authentication for Critical Function issue in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. **Recommendations** For SUSE Longhorn versions prior to 1.1.3, update to version 1.1.3 or later to resolve the issue. For SUSE Longhorn versions prior to 1.2.3, update to version 1.2.3 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** SUSE Longhorn longhorn versions prior to 1.1.3 longhorn versions prior to 1.2.3v **Description** A Missing Authentication for Critical Function issue in longhorn of SUSE Longhorn allows attackers to connect to a longhorn-engine replica instance, granting them the ability to read and write data to and from a replica that they should not have access to. **Recommendations** For SUSE Longhorn longhorn versions prior to 1.1.3, update to version 1.1.3 or later to resolve the issue. For longhorn versions prior to 1.2.3v, update to version 1.2.3v or later to resolve the issue.