Lucene search
HistoryFeb 17, 2014 - 4:55 p.m.
CVE-2013-1069
cve-2013-1069
ubuntu
maas
rabbitmq
authentication
vulnerability
security advisory
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.
Affected configurations
Node
ubuntumetal_as_a_serviceMatch1.2
ORubuntumetal_as_a_serviceMatch1.4
Related
cvelist
cvelist
CVE-2013-1069
2014-02-17 16:00:00
prion
prion
Authentication flaw
2014-02-17 16:55:00
ubuntucve
ubuntucve
CVE-2013-1069
2014-02-13 00:00:00
nvd
nvd
CVE-2013-1069
2014-02-17 16:55:08
openvas
openvas
Ubuntu: Security Advisory (USN-2105-1)
2014-02-17 00:00:00
Ubuntu Update for maas USN-2105-1
2014-02-17 00:00:00
nessus
nessus
Ubuntu 12.04 LTS / 12.10 / 13.10 : maas vulnerabilities (USN-2105-1)
2014-02-14 00:00:00
securityvulns
securityvulns
[USN-2105-1] MAAS vulnerabilities
2014-05-05 00:00:00
MAAS security vulnerabilities
2014-05-05 00:00:00
ubuntu
ubuntu
MAAS vulnerabilities
2014-02-13 00:00:00
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:N/A:N
6.3 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2013-1069