CVE-2018-20105

A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. This issue affects: SUSE Linux Enterprise Server 15 yast2-rmt versions prior to 1.2.2. openSUSE Leap yast2-rmt versions prior to 1.2.2.

Date published : 2020-01-27

https://bugzilla.suse.com/show_bug.cgi?id=1119835

http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00035.html