USN-5496-1: cloud-init vulnerability
Mike Stroyan discovered that cloud-init could log password hashes when
reporting schema failures. An attacker with access to these logs could
potentially use this to gain user credentials.
Source: USN-5496-1: cloud-init vulnerability
Leave a Reply