CVE-2022-2084

Опубликовано: 20 апр. 2023

Источник: redhat

CVSS3: 5.5

EPSS Низкий

Описание

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

A vulnerability was found in cloud-init. With this flaw, sensitive data could be exposed in world-readable cloud-init logs when schema failures are reported. This issue leak could include hashed passwords.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 6	cloud-init	Not affected
Red Hat Enterprise Linux 7	cloud-init	Not affected
Red Hat Enterprise Linux 8	cloud-init	Not affected
Red Hat Enterprise Linux 9	cloud-init	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-200

https://bugzilla.redhat.com/show_bug.cgi?id=2188198cloud-init: vulnerable to expose sensitive information

EPSS

Процентиль: 5%

0.00026

Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2022-2084

CVSS3: 5.5

ubuntu

около 2 лет назад

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

CVE-2022-2084

CVSS3: 5.5

nvd

около 2 лет назад

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

CVE-2022-2084

CVSS3: 5.5

msrc

около 2 лет назад

Описание отсутствует

CVE-2022-2084

CVSS3: 5.5

debian

около 2 лет назад

Sensitive data could be exposed in world readable logs of cloud-init b ...

GHSA-w62x-qh57-5m94

CVSS3: 5.5

github

около 2 лет назад

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

EPSS

Процентиль: 5%

0.00026

Низкий

5.5 Medium

CVSS3