Published: 19/04/2023 Updated: 01/05/2023

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 0

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

Vulnerable Product	Search on Vulmon	Subscribe to Product
canonical cloud-init
canonical ubuntu linux 18.04
canonical ubuntu linux 20.04
canonical ubuntu linux 21.10
canonical ubuntu linux 22.04

Debian Bug report logs - #1014247 cloud-init: CVE-2022-2084 Package: src:cloud-init; Maintainer for src:cloud-init is Debian Cloud Team <debian-cloud@listsdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 2 Jul 2022 20:09:01 UTC Severity: important Tags: security, upstream Found in vers ...

DescriptionThe MITRE CVE dictionary describes this issue as: Sensitive data could be exposed in world readable logs of cloud-init before version 223 when schema failures are reported This leak could include hashed passwords ...

CWE-532 https://github.com/canonical/cloud-init/commit/4d467b14363d800b2185b89790d57871f11ea88c https://ubuntu.com/security/notices/USN-5496-1 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014247 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2022-2084

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-2084

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect