An privilege elevation vulnerability exists in Cloud-init before 0.7.0 when requests to an untrusted system are submitted for EC2 instance data.
References
Link | Resource |
---|---|
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2012-6639 | Issue Tracking Third Party Advisory |
https://www.securityfocus.com/bid/66019/references | Third Party Advisory VDB Entry |
https://security-tracker.debian.org/tracker/CVE-2012-6639 | Third Party Advisory |
https://access.redhat.com/security/cve/cve-2012-6639 | Patch Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-6639 | Issue Tracking Third Party Advisory |
http://www.openwall.com/lists/oss-security/2014/03/06/7 | Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Information
Published : 2019-11-25 10:15
Updated : 2020-08-18 08:05
NVD link : CVE-2012-6639
Mitre link : CVE-2012-6639
JSON object : View
CWE
CWE-269
Improper Privilege Management
Products Affected
debian
- debian_linux
suse
- linux_enterprise_server
canonical
- cloud-init