Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Canonical Subscribe
Filtered by product Metal As A Service
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-1320 1 Canonical 1 Metal As A Service 2019-10-09 5.0 MEDIUM 9.8 CRITICAL
The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. This issue affects Ubuntu MAAS versions prior to 1.9.2.
CVE-2014-1426 1 Canonical 1 Metal As A Service 2019-10-09 5.0 MEDIUM 7.5 HIGH
A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network clients to download any file. This issue affects: Ubuntu MAAS versions prior to 1.9.2.
CVE-2014-1427 1 Canonical 1 Metal As A Service 2019-10-09 4.3 MEDIUM 6.1 MEDIUM
A vulnerability in the REST API of Ubuntu MAAS allows an attacker to cause a logged-in user to execute commands via cross-site scripting. This issue affects MAAS versions prior to 1.9.2.
CVE-2014-1428 1 Canonical 1 Metal As A Service 2019-10-09 5.0 MEDIUM 5.3 MEDIUM
A vulnerability in generate_filestorage_key of Ubuntu MAAS allows an attacker to brute-force filenames. This issue affects Ubuntu MAAS versions prior to 1.9.2.