In cloud-init up to and including 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for malicious users to guess passwords.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical cloud-init |
||
opensuse leap 15.1 |
||
debian debian linux 8.0 |