Canonical Metal As A Service — known CVE vulnerabilities
Every CVE whose affected-product data names Canonical Metal As A Service, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2014-1427 — CVSS 9.6 (critical): A vulnerability in the REST API of Ubuntu MAAS allows an attacker to cause a logged-in user to execute commands via cross-site scripting…
CVE-2024-6107 — CVSS 9.6 (critical): Due to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a…
CVE-2014-1426 — CVSS 8.6 (high): A vulnerability in maasserver.api.get_file_by_name of Ubuntu MAAS allows unauthenticated network clients to download any file. This issue…
CVE-2015-1320 — CVSS 5.5 (medium): The SeaMicro provisioning of Ubuntu MAAS logs credentials, including username and password, for the management interface. This issue…
CVE-2014-1428 — CVSS 2.0 (low): A vulnerability in generate_filestorage_key of Ubuntu MAAS allows an attacker to brute-force filenames. This issue affects Ubuntu MAAS…