14 matches found
Amazon Linux AMI : cloud-init (ALAS-2021-1486)
The version of cloud-init installed on the remote host is prior to 0.7.6-43.23. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2021-1486 advisory. A flaw was found in cloud-init, where it uses the random.choice function when creating sensitive random strings used...
NewStart CGSL MAIN 6.02 : cloud-init Multiple Vulnerabilities (NS-SA-2021-0062)
The remote NewStart CGSL host, running version MAIN 6.02, has cloud-init packages installed that are affected by multiple vulnerabilities: - In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for attackers to...
Amazon Linux 2 : cloud-init (ALAS-2021-1576)
The version of cloud-init installed on the remote host is prior to 19.3-4. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1576 advisory. The default cloud-init configuration included sshdeletekeys: 0, disabling cloud-init's deletion of ssh host keys. In som...
Oracle Linux 8 : cloud-init (ELSA-2020-4650)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-4650 advisory. - Resolves: bz1812171 CVE-2020-8632 cloud-init: Too short random password length in ccsetpassword in config/ccsetpasswords.py rhel-8 - Resolves:...
EulerOS 2.0 SP2 : cloud-init (EulerOS-SA-2020-2333)
According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for...
EulerOS 2.0 SP3 : cloud-init (EulerOS-SA-2020-1373)
According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because...
EulerOS 2.0 SP8 : cloud-init (EulerOS-SA-2020-1286)
According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because...
EulerOS 2.0 SP5 : cloud-init (EulerOS-SA-2020-1304)
According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for...
CVE-2020-8632
In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for attackers to guess passwords...
CVE-2020-8632
In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for attackers to guess passwords...
CVE-2020-8632
In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for attackers to guess passwords...
Design/Logic Flaw
In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for attackers to guess passwords...
CVE-2020-8632
In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for attackers to guess passwords...
CVE-2020-8632
In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for attackers to guess passwords...