In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.
CPE | Name | Operator | Version |
---|---|---|---|
cloud-init | le | 19.4 | |
debian_linux | eq | 8.0 | |
leap | eq | 15.1 |