CVE-2014-1428
published 2019-04-22CVE-2014-1428: A vulnerability in generate_filestorage_key of Ubuntu MAAS allows an attacker to brute-force filenames. This issue affects Ubuntu MAAS versions prior to 1.9.2.
medium5.3CVSS 3.0
AVNACLPRNUINSUCLINAN
A vulnerability in generate_filestorage_key of Ubuntu MAAS allows an attacker to brute-force filenames. This issue affects Ubuntu MAAS versions prior to 1.9.2.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | metal_as_a_service | < 1.9.2 | 1.9.2 |
| ubuntu | maas | >= 0 < 1.9.5+bzr4599-0ubuntu1~14.04.1 | 1.9.5+bzr4599-0ubuntu1~14.04.1 |
| ubuntu | maas | >= 0 < 2.1.3+bzr5573-0ubuntu1~16.04.1 | 2.1.3+bzr5573-0ubuntu1~16.04.1 |
| ubuntu | maas | >= unspecified < 1.9.2 | 1.9.2 |
CVSS provenance
nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
osv5.3MEDIUM