CVE-2023-1786 | SynScan

Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2023-1786

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.

Published: Apr 27, 2023
Updated: May 9, 2023
CVE: CVE-2023-1786
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-532

Affected Software
References

Software	From	Fixed in
canonical / ubuntu_linux	20.04	20.04.x
canonical / ubuntu_linux	16.04	16.04.x
canonical / ubuntu_linux	18.04	18.04.x
canonical / ubuntu_linux	22.04	22.04.x
canonical / ubuntu_linux	22.10	22.10.x
canonical / ubuntu_linux	23.04	23.04.x
canonical / cloud-init	-	23.1.2
fedoraproject / fedora	38	38.x