Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 8 : cloud-init-20.3-10.el8.5 (AXSA:2021-2312:08)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2312:08 advisory. cloud-init: randomly generated passwords logged in clear-text to world-readable file CVE-2021-3429 Tenable has extracted the preceding description block...

5.5CVSS5.6AI score0.00219EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.7 views

Alibaba Cloud Linux 3 : 0257: cloud-init (ALINUX3-SA-2024:0257)

The remote Alibaba Cloud Linux 3 host has a package installed that is affected by a vulnerability as referenced in the ALINUX3-SA-2024:0257 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3429: When instructing cloud-init to set a...

5.5CVSS5.7AI score0.00219EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2024/05/02 7:56 a.m.34 views

Advisory ROSA-SA-2024-2410

Software: cloud-init 20.3 OS: ROSA Virtualization 2.1 packageevrstring: cloud-init-20.3-10.el84.5.src.rpm CVE-ID: CVE-2021-3429 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: When instructing Cloud-init to set a random password for a new version user account, Cloud-init wrote that password to the publi...

5.5CVSS7.3AI score0.00236EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/14 12:0 a.m.27 views

SUSE SLES12 Security Update : cloud-init (SUSE-SU-2023:2164-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2164-1 advisory. This update for cloud-init contains following fixes: - CVE-2021-3429: Do not write the generated password to the log file. bsc11847...

5.5CVSS6.1AI score0.00263EPSS
Exploits0References10
NVD
NVD
added 2023/04/19 10:15 p.m.25 views

CVE-2021-3429

When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user...

5.5CVSS5.3AI score0.00219EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/04/19 10:15 p.m.28 views

CVE-2021-3429

When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user...

5.5CVSS6.1AI score0.00219EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/19 9:42 p.m.20 views

CVE-2021-3429 sensitive data exposure in cloud-init logs

When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user...

5.5CVSS5.6AI score0.00219EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/04/19 9:42 p.m.8 views

CVE-2021-3429 sensitive data exposure in cloud-init logs

When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user...

5.5CVSS5.4AI score0.00219EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/02/12 12:0 a.m.22 views

EulerOS Virtualization 3.0.6.0 : cloud-init (EulerOS-SA-2022-1058)

According to the versions of the cloud-init package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to...

5.5CVSS5.6AI score0.00219EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2021-0494)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.00219EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/11/11 12:0 a.m.28 views

EulerOS 2.0 SP9 : cloud-init (EulerOS-SA-2021-2680)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the...

5.5CVSS5.7AI score0.00219EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/11/03 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2021-2624)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.00219EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/11/02 12:0 a.m.28 views

EulerOS 2.0 SP8 : cloud-init (EulerOS-SA-2021-2624)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the...

5.5CVSS5.7AI score0.00219EPSS
Exploits0References2
OSV
OSV
added 2021/10/29 7:32 p.m.7 views

MGASA-2021-0494 Updated cloud-init packages fix security vulnerability

cloud-init has the ability to generate and set a randomized password for system users. This functionality is enabled at runtime by passing cloud-config data such as: 'chpasswd: list: | user1:RANDOM' When instructing cloud-init to set a random password for a new user account, versions before 21.1....

5.5CVSS5.3AI score0.00219EPSS
Exploits0References4
Mageia
Mageia
added 2021/10/29 7:32 p.m.37 views

Updated cloud-init packages fix security vulnerability

cloud-init has the ability to generate and set a randomized password for system users. This functionality is enabled at runtime by passing cloud-config data such as: 'chpasswd: list: | user1:RANDOM' When instructing cloud-init to set a random password for a new user account, versions before 21.1....

5.5CVSS5.6AI score0.00219EPSS
Exploits0References3
OSV
OSV
added 2021/09/30 11:3 a.m.3 views

OESA-2021-1372 cloud-init security update

Cloud-init is the defacto multi-distribution package that handles early initialization of a cloud instance. Security Fixes: CVE-2021-3429...

5.5CVSS7AI score0.00219EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/08/31 9:24 a.m.35 views

Moderate: Red Hat Security Advisory: cloud-init security update

An update for cloud-init is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

5.5CVSS6.1AI score0.00219EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2021/08/17 8:33 a.m.70 views

Moderate: Red Hat Security Advisory: cloud-init security update

An update for cloud-init is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

5.5CVSS6.1AI score0.00219EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/08/16 12:0 a.m.32 views

CentOS 8 : cloud-init (CESA-2021:3081)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:3081 advisory. - cloud-init: randomly generated passwords logged in clear-text to world-readable file CVE-2021-3429 Note that Nessus has not tested for this issue but has...

5.5CVSS5.6AI score0.00219EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2021/08/12 12:0 a.m.61 views

cloud-init security update

20.3-10.0.1 - Added missing services in rhel/systemd/cloud-init.service Orabug: 32183938 - Added missing services in cloud-init.service.tmpl for sshd Orabug: 32183938 - Forward port applicable cloud-init 18.4-2.0.3 changes to cloud-init-18-5 Orabug: 30435672 - limit permissions Orabug: 31352433 -...

0.7AI score0.00219EPSS
Exploits0
Rows per page
Query Builder