Security Bypass

Azure SSH Keypairs is vulnerable to security bypass attacks. The vulnerability exists due to a change in the provisioning logic for some Linux images that use cloud-init. An attacker could add extraneous Microsoft service public keys to the VM authorized keys file unexpectedly in the limited...

CVE-2019-0816

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'...

Security feature bypass

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'...

UBUNTU-CVE-2019-0816

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'...

CVE-2019-0816

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'...

DEBIAN-CVE-2019-0816

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'...

CVE-2019-0816

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'...

CVE-2019-0816

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'...

CVE-2019-0816

A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'...

CVE-2017-7510

In ovirt-engine 4.1, if a host was provisioned with cloud-init, the root password could be revealed through the REST interface...

CVE-2017-7510

In ovirt-engine 4.1, if a host was provisioned with cloud-init, the root password could be revealed through the REST interface...

Design/Logic Flaw

In ovirt-engine 4.1, if a host was provisioned with cloud-init, the root password could be revealed through the REST interface...

CVE-2017-7510

The CVE-2017-7510 issue affects ovirt-engine 4.1 where a host provisioned with cloud-init could have its root password exposed via the REST API. The connected sources corroborate that the REST interface exposes data used in cloud-init, including the root password, introducing high-impact risk (CV...

PT-2019-8601 · Ovirt · Ovirt Engine

Name of the Vulnerable Software and Affected Versions: ovirt-engine version 4.1 Description: The issue allows the root password to be revealed through the REST interface if a host was provisioned with cloud-init. Recommendations: For ovirt-engine version 4.1, update to a version that includes a f...

The vulnerability of the package for configuring the cloud-init process in Linux operating systems allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the cloud-init configuration package for Linux operating systems is related to an error in the handling of authentication keys controlled by the user. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected...

CentOS Update for cloud-init CESA-2019:0597 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : tomcat on SL7.x (x86_64) (20190318)

Security Fixes : - cloud-init: extra ssh keys added to authorizedkeys on the Azure platform CVE-2019-0816 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid122962; scriptversion"1.7";...

CentOS 7 : cloud-init (CESA-2019:0597)

An update for cloud-init is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Scientific Linux Security Update : cloud-init on SL7.x (x86_64) (20190318)

Security Fixes : - cloud-init: extra ssh keys added to authorizedkeys on the Azure platform CVE-2019-0816 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid122961; scriptversion"1.7";...

cloud security update

CentOS Errata and Security Advisory CESA-2019:0597 An update for cloud-init is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severi...