CVE 审计
The section shows you which CVEs have been applied to your clients. A CVE (common vulnerabilities and exposures) is a fix for a publicly known security vulnerability. It is important that you apply CVEs to your clients as soon as they become available.
Each CVE contains an identification number, a description of the vulnerability, and links to further information. CVE identification numbers use the form CVE-YEAR-XXXX.
Clients are listed with a patch status icon.
| Icon | Description | Action Required |
|---|---|---|
Affected, patches are not released for the CVE. |
The client is affected by a vulnerability for which a patch has not yet been released. |
|
Affected, patches were released for the CVE but SUSE Manager can’t find them in any of the relevant channels. |
The client is affected by a vulnerability that received a patch, but SUSE Manager is unable to locate any of the patches in relevant channels. |
|
Affected, only partial patches are available for the CVE. |
The client is affected by a vulnerability and SUSE Manager has patches for it, but applying the patches will only fix some of the vulnerable packages. |
|
Affected, patches are available in channels that are not assigned |
The client is affected by a vulnerability and SUSE Manager has patches for it, but the channels offering the patches are not assigned to the client. |
|
Affected, patches are available in a product migration target |
The client is affected by a vulnerability and SUSE Manager has patches for it, but applying the patch requires migrating the product to a newer version. |
|
Affected, at least one patch is available in an assigned channel |
The client is affected by the vulnerability and SUSE Manager has patches available in a channel that is directly assigned to the client. |
|
Not affected |
The client is not affected because none of the CVE vulnerable packages are installed. |
|
Patched |
A patch has been successfully installed on the client. |
For more information about CVE auditing, see 审计.