RSS   Podatności dla 'Metal as a service'   RSS

2019-04-22
 
CVE-2015-1320

CWE-255
 

 
The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. This issue affects Ubuntu MAAS versions prior to 1.9.2.

 
 
CVE-2014-1428

CWE-254
 

 
A vulnerability in generate_filestorage_key of Ubuntu MAAS allows an attacker to brute-force filenames. This issue affects Ubuntu MAAS versions prior to 1.9.2.

 
 
CVE-2014-1427

CWE-79
 

 
A vulnerability in the REST API of Ubuntu MAAS allows an attacker to cause a logged-in user to execute commands via cross-site scripting. This issue affects MAAS versions prior to 1.9.2.

 
 
CVE-2014-1426

CWE-20
 

 
A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network clients to download any file. This issue affects: Ubuntu MAAS versions prior to 1.9.2.

 

 >>> Vendor: Canonical 35 Produkty
Spread
Ubuntu linux
Ubuntu enterprise cloud
PHP5
Ubuntu software properties
Telepathy-idle
MAAS
Libpam-modules
Update-manager
Accountsservice
Software-properties
Ltsp display manager
Acpi-support
Reportbug
Ubuntu
Lxcfs
Ubuntu core
Ubuntu touch
Ubuntu-core-launcher
LXD
Openstack ironic
JUJU
Ubuntu-image
Bazaar
Screen-resolution-extra
Apparmor
Ubuntu download manager
Snapd
Apt-xapian-index
Metal as a service
Cloud-init
Ubuntu cobbler
Microk8s
C-kernel
Subiquity


Copyright 2020, cxsecurity.com

 

Back to Top