Описание
When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user.
A flaw was found in cloud-init. When a system is configured through cloud-init and the "Set Passwords" module is used with "chpasswd" directive and "RANDOM", the randomly generated password for the relative user is written in clear-text in a file readable by any existing user of the system. The highest threat from this vulnerability is to data confidentiality and it may allow a local attacker to log in as another user.
Отчет
By default the randomly password generated by "chpasswd" must be changed on the first login of the user. That means that once a user accesses the system for the first time, the random password in the log file cannot be used anymore. However it is possible to configure an extended validity period for the random password, thus the actual impact of this password leak may vary based on the environment and how the systems are configured through cloud-init.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | cloud-init | Out of support scope | ||
| Red Hat Enterprise Linux 7 | cloud-init | Out of support scope | ||
| Red Hat Enterprise Linux 9 | cloud-init | Not affected | ||
| Red Hat Enterprise Linux 8 | cloud-init | Fixed | RHSA-2021:3081 | 10.08.2021 |
| Red Hat Enterprise Linux 8.1 Extended Update Support | cloud-init | Fixed | RHSA-2021:3177 | 17.08.2021 |
| Red Hat Enterprise Linux 8.2 Extended Update Support | cloud-init | Fixed | RHSA-2021:3371 | 31.08.2021 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user.
When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user.
When instructing cloud-init to set a random password for a new user ac ...
When instructing cloud-init to set a random password for a new user account, versions before 21.2 would write that password to the world-readable log file /var/log/cloud-init-output.log. This could allow a local user to log in as another user.
EPSS
5.5 Medium
CVSS3