9.8
CVE-2015-1320
- EPSS 0.18%
- Veröffentlicht 22.04.2019 16:29:00
- Zuletzt bearbeitet 21.11.2024 02:25:09
- Quelle security@ubuntu.com
- CVE-Watchlists
- Unerledigt
LoginProbe-and-enlist for SeaMicro chassis writes password to the log
The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. This issue affects Ubuntu MAAS versions prior to 1.9.2.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Metal As A Service Version < 1.9.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.18% | 0.357 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
| security@ubuntu.com | 5.5 | 1.8 | 3.6 |
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|