622 matches found
CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
DEBIAN-CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
Privilege escalation
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
CVE-2023-1786
CVE-2023-1786 affects cloud-init and leads to sensitive data exposure in logs prior to version 23.1.2. The root cause is logging of sensitive information (e.g., hashed passwords), which could allow an attacker with local access to read confidential data. Impact is limited to confidentiality (high...
CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
CVE-2023-1786 sensitive data exposure in cloud-init logs
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
CVE-2023-1786 sensitive data exposure in cloud-init logs
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
USN-6042-1: Cloud-init vulnerability
James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
USN-6042-1 cloud-init vulnerability
James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
UBUNTU-CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 : Cloud-init vulnerability (USN-6042-1)
The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6042-1 advisory. James Golovich discovered that sensitive data could be exposed in logs. An attacker could use this information to find...
cloud-init 日志信息泄露漏洞
cloud-init is an industry-standard multi-distribution method for cross-platform cloud instance initialization open-sourced by Canonical. A security vulnerability exists in cloud-init versions prior to 23.1.2, which stems from the possibility of exposing sensitive data in logs. An attacker exploit...
PT-2023-17244 · Unknown +10 · Cloud-Init +10
Name of the Vulnerable Software and Affected Versions: cloud-init versions prior to 23.1.2 Description: The issue allows sensitive data to be exposed in logs, which an attacker could use to find hashed passwords and possibly escalate their privilege. Recommendations: For versions prior to 23.1.2,...
cloud-init -- sensitive data exposure in cloud-init logs
[email protected] reports: Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege...
CVE-2022-2084
A vulnerability was found in cloud-init. With this flaw, sensitive data could be exposed in world-readable cloud-init logs when schema failures are reported. This issue leak could include hashed passwords...
SUSE CVE-2022-2084
Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords...
DEBIAN-CVE-2021-3429
When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user...
CVE-2022-2084
Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords...