Lucene search

K

RedosROS-20240703-11

HistoryJul 03, 2024 - 12:00 a.m.

ROS-20240703-11

2024-07-0300:00:00

redos.red-soft.ru

7

cloud-init

linux

vulnerability

sensitive data

unauthorized access

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.6

Confidence

Low

A vulnerability in the cloud-init virtual machine configuration package for Linux family operating systems
is related to the fact that sensitive data could be exposed in cloud-init logs. Exploitation
the vulnerability could allow an attacker to gain unauthorized access to the protected information and
escalate their privileges

A vulnerability in the cloud-init virtual machine configuration package for Linux family operating systems
is related to the fact that sensitive data could be exposed in cloud-init logs. Exploitation
the vulnerability could allow an attacker to gain unauthorized access to the information

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64cloud-init< 23.2-2UNKNOWN

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

6.6

Confidence

Low

Related for ROS-20240703-11

openvas13 nessus30 alpinelinux2 prion2 debiancve2 osv8 ubuntucve2 cbl_mariner3 cvelist2 ubuntu2 cve2 nvd2 redhatcve2 veracode2 almalinux2 oraclelinux4 redhat2 fedora1 freebsd1 rosalinux1 photon3 ibm2