Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-1426 | 1 Canonical | 1 Metal As A Service | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network clients to download any file. This issue affects: Ubuntu MAAS versions prior to 1.9.2. | |||||
| CVE-2014-1428 | 1 Canonical | 1 Metal As A Service | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in generate_filestorage_key of Ubuntu MAAS allows an attacker to brute-force filenames. This issue affects Ubuntu MAAS versions prior to 1.9.2. | |||||
| CVE-2015-1320 | 1 Canonical | 1 Metal As A Service | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
| The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. This issue affects Ubuntu MAAS versions prior to 1.9.2. | |||||
| CVE-2014-1427 | 1 Canonical | 1 Metal As A Service | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| A vulnerability in the REST API of Ubuntu MAAS allows an attacker to cause a logged-in user to execute commands via cross-site scripting. This issue affects MAAS versions prior to 1.9.2. | |||||