The default cloud-init configuration in cloud-init 0.6.2 and newer included "ssh_deletekeys: 0" disabling cloud-init's deletion of ssh host keys. In some environments this could lead to instances created by cloning a golden master or template system sharing ssh host keys and being able to impersonate one another or conduct man-in-the-middle attacks.

🗓️ 18 Aug 2020 07:00:00Reported by MicrosoftType

Cloud-init 0.6.2+ defaults ssh_deletekeys to 0, causing host keys to be reused in cloned instances.

Reporter	Title	Published	Views	Family All 65
Tenable Nessus	Amazon Linux 2 : cloud-init (ALAS-2021-1576)	7 Jan 202100:00	–	nessus
Tenable Nessus	CentOS 8 : cloud-init (CESA-2020:3050)	1 Feb 202100:00	–	nessus
Tenable Nessus	CentOS 7 : cloud-init (RHSA-2020:3898)	20 Oct 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP8 : cloud-init (EulerOS-SA-2020-1840)	28 Aug 202000:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.6.0 : cloud-init (EulerOS-SA-2020-2041)	29 Sep 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : cloud-init (EulerOS-SA-2020-2408)	3 Nov 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP9 : cloud-init (EulerOS-SA-2020-2426)	3 Nov 202000:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP5 : cloud-init (EulerOS-SA-2022-1318)	21 Mar 202200:00	–	nessus
Tenable Nessus	EulerOS Virtualization 3.0.2.0 : cloud-init (EulerOS-SA-2022-1682)	7 May 202200:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP3 : cloud-init (EulerOS-SA-2022-1709)	26 May 202200:00	–	nessus

Vulners

Node

18 Aug 2020 07:00Current

5.2Medium risk

Vulners AI Score5.2

CVSS 23.6

CVSS 3.17.1

CVSS 34.6

EPSS0.00354