CVE-2015-1320

CWE-2554 documents4 sources
Severity
9.8CRITICAL
EPSS
0.2%
top 61.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Ubuntu MaasCanonical Metal AS A Service
Timeline
PublishedApr 22
Latest updateMay 24

Description

The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. This issue affects Ubuntu MAAS versions prior to 1.9.2.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages3 packages

CVEListV5ubuntu/maasunspecified1.9.2
Ubuntumaas< 1.9.5+bzr4599-0ubuntu1~14.04.1+1

Patches

Patch: launchpad.netPatch: launchpad.net

🔴Vulnerability Details

3
GHSA
GHSA-rh3g-x45r-f376: The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface2022-05-24
CVEList
Probe-and-enlist for SeaMicro chassis writes password to the log2019-04-22
OSV
CVE-2015-1320: The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface2019-04-22
CVE-2015-1320 (CRITICAL CVSS 9.8) | The SeaMicro provisioning of Ubuntu | cvebase.io