CVE-2015-1320 MEDIUM

CVE-2015-1320: Probe-and-enlist for SeaMicro chassis writes password to the log

Vendor Ubuntu
Product MAAS
Published April 22, 2019
Last update September 16, 2024

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. This issue affects Ubuntu MAAS versions prior to 1.9.2.

Key dates

02Disclosure timeline

April 22, 2019 CVE published
September 16, 2024 Record updated