PT-2020-8077 · Suse · Suse Studio

Johannes Segitz · Published 2020-01-27 · Updated 2020-02-04 · CVE-2017-14806

CVSS v3.1: 5.9 (Medium)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions: SUSE Studio onsite susestudio-common, versions 1.3.17-56.6.3 and prior.
Description: The issue is an Improper Certificate Validation vulnerability that allows remote attackers to perform a man-in-the-middle (MITM) attack on connections to the repositories and to modify packages received over these connections.
Recommendations: Update SUSE Studio onsite susestudio-common to a version newer than 1.3.17-56.6.3 to resolve the issue. As a temporary workaround, consider restricting access to the repositories to minimize the risk of exploitation.

Exploit

Fix

Weakness Enumeration

Improper Certificate Validation

Related Identifiers

CVE-2017-14806

Affected Products

Suse Studio