MiracleLinux 7 : cloud-init-18.2-1.el7.2 (AXSA:2019-3789:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3789:02 advisory. Security Fix - CVE-2019-0816 CVE CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the MiracleLinux security...

SUSE: Security Advisory (SUSE-SU-2019:3097-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:3096-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:3191-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2019-2132)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for cloud-init (openSUSE-SU-2019:2633-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : cloud-init (openSUSE-2019-2633)

This update for cloud-init to version 19.2 fixes the following issues : Security issue fixed : - CVE-2019-0816: Fixed the unnecessary extra ssh keys that were added to authorizedkeys bsc1129124. Non-security issues fixed : - Short circuit the conditional for identifying the sysconfig renderer...

Security update for cloud-init (moderate)

openSUSE Security Update: Security update for cloud-init Announcement ID: openSUSE-SU-2019:2633-1 Rating: moderate References: 1099358 1129124 1136440 1142988 1144363 1151488 1154092 Cross-References: CVE-2019-0816 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and...

openSUSE Security Update : cloud-init (openSUSE-2019-2621)

This update for cloud-init to version 19.2 fixes the following issues : Security issue fixed : - CVE-2019-0816: Fixed the unnecessary extra ssh keys that were added to authorizedkeys bsc1129124. Non-security issues fixed : - Short circuit the conditional for identifying the sysconfig renderer...

SUSE SLED15 / SLES15 Security Update : cloud-init (SUSE-SU-2019:3096-1)

This update for cloud-init to version 19.2 fixes the following issues : Security issue fixed : CVE-2019-0816: Fixed the unnecessary extra ssh keys that were added to authorizedkeys bsc1129124. Non-security issues fixed: Short circuit the conditional for identifying the sysconfig renderer...

SUSE SLED15 / SLES15 Security Update : cloud-init (SUSE-SU-2019:3097-1)

This update for cloud-init to version 19.2 fixes the following issues : Security issue fixed : CVE-2019-0816: Fixed the unnecessary extra ssh keys that were added to authorizedkeys bsc1129124. Non-security issues fixed: Short circuit the conditional for identifying the sysconfig renderer...

SUSE-SU-2019:3096-1 Security update for cloud-init

This update for cloud-init to version 19.2 fixes the following issues: Security issue fixed: - CVE-2019-0816: Fixed the unnecessary extra ssh keys that were added to authorizedkeys bsc1129124. Non-security issues fixed: - Short circuit the conditional for identifying the sysconfig renderer...

CVE-2019-0816

CVE-2019-0816 is a security feature bypass in Azure SSH Keypairs triggered by a provisioning change in cloud-init. Connected advisories show cloud-init across multiple distros (e.g., MiracleLinux, NewStart CGSL, EulerOS, openSUSE/OpenSUSE, Amazon Linux) reporting the issue and recommending update...

CentOS Update for cloud-init CESA-2019:0597 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : cloud-init on SL7.x (x86_64) (20190318)

Security Fixes : - cloud-init: extra ssh keys added to authorizedkeys on the Azure platform CVE-2019-0816 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid122961; scriptversion"1.7";...

Scientific Linux Security Update : tomcat on SL7.x (x86_64) (20190318)

Security Fixes : - cloud-init: extra ssh keys added to authorizedkeys on the Azure platform CVE-2019-0816 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid122962; scriptversion"1.7";...

CentOS 7 : cloud-init (CESA-2019:0597)

An update for cloud-init is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Oracle Linux 7 : cloud-init (ELSA-2019-0597)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-0597 advisory. 18.2-1.0.1 - add modified version of enable-ec2utils-to-stop-retrying-to-get-ec2-metadata.patch for 18.2: 1. Enable ec2utils.py having a way to stop retrying to...

RHEL 7 : cloud-init (RHSA-2019:0597)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2019:0597 advisory. The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to...

Microsoft Azure CVE-2019-0816 Security Bypass Vulnerability

Description Microsoft Azure is prone to a security bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions; this may aid in launching further attacks. Technologies Affected Ubuntu Ubuntu Linux 18.04 LTS Recommendations Block external access at the network...