Metal As A Service Security Vulnerabilities and Issues — Metal As A Service CVE List

Lucene search

CanonicalMetal As A Service

4 matches found

CVE•added 2019/04/22 4:29 p.m.•53 views

CVE-2015-1320

The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. This issue affects Ubuntu MAAS versions prior to 1.9.2.

9.8CVSS7.5AI score0.00175EPSS

CVE•added 2019/04/22 4:29 p.m.•52 views

CVE-2014-1428

A vulnerability in generate_filestorage_key of Ubuntu MAAS allows an attacker to brute-force filenames. This issue affects Ubuntu MAAS versions prior to 1.9.2.

5.3CVSS4.5AI score0.00241EPSS

CVE•added 2019/04/22 4:29 p.m.•44 views

CVE-2014-1426

A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network clients to download any file. This issue affects: Ubuntu MAAS versions prior to 1.9.2.

8.6CVSS7.7AI score0.00682EPSS

CVE•added 2019/04/22 4:29 p.m.•41 views

CVE-2014-1427

A vulnerability in the REST API of Ubuntu MAAS allows an attacker to cause a logged-in user to execute commands via cross-site scripting. This issue affects MAAS versions prior to 1.9.2.

9.6CVSS6.5AI score0.00383EPSS