CVE-2012-6639

Опубликовано: 25 нояб. 2019

Источник: nvd

CVSS3: 8.8

CVSS2: 9

EPSS Низкий

Описание

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

Ссылки

http://www.openwall.com/lists/oss-security/2014/03/06/7
Mailing List
Third Party Advisory
https://access.redhat.com/security/cve/cve-2012-6639
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6639
Issue Tracking
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6639
Issue Tracking
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2012-6639
Third Party Advisory
https://www.securityfocus.com/bid/66019/references
Third Party Advisory
VDB Entry
http://www.openwall.com/lists/oss-security/2014/03/06/7
Mailing List
Third Party Advisory
https://access.redhat.com/security/cve/cve-2012-6639
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6639
Issue Tracking
Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6639
Issue Tracking
Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2012-6639
Third Party Advisory
https://www.securityfocus.com/bid/66019/references
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:canonical:cloud-init:*:*:*:*:*:*:*:*

Версия до 0.7.0 (исключая)

Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01199

Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-269

Связанные уязвимости

CVE-2012-6639

CVSS3: 8.8

ubuntu

около 6 лет назад

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

CVE-2012-6639

redhat

около 12 лет назад

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

CVE-2012-6639

CVSS3: 8.8

debian

около 6 лет назад

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 ...

GHSA-53qp-p4j3-jj3w

CVSS3: 8.8

github

почти 4 года назад

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

EPSS

Процентиль: 79%

0.01199

Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-269