CVE-2012-6639

Опубликовано: 07 янв. 2014

Источник: redhat

CVSS2: 7.1

Описание

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

Not vulnerable. This issue did not affect the versions of cloud-init as shipped with Red Hat Enterprise Linux OpenStack Platform 3.0.

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat OpenStack Platform 3	cloud-init	Not affected

Показывать по

Статус:

Important

Дефект:

CWE-290

https://bugzilla.redhat.com/show_bug.cgi?id=1073591cloud-init: insecure transmission of EC2 instance data can lead to root privilege escalation

7.1 High

CVSS2

CVE-2012-6639

CVSS3: 8.8

ubuntu

около 6 лет назад

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

CVE-2012-6639

CVSS3: 8.8

nvd

около 6 лет назад

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

CVE-2012-6639

CVSS3: 8.8

debian

около 6 лет назад

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 ...

GHSA-53qp-p4j3-jj3w

CVSS3: 8.8

github

почти 4 года назад

An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.

7.1 High

CVSS2