Vulnerability Details CVE-2018-15869
An Amazon Web Services (AWS) developer who does not specify the --owners flag when describing images via AWS CLI, and therefore not properly validating source software per AWS recommended security best practices, may unintentionally load an undesired and potentially malicious Amazon Machine Image (AMI) from the uncurated public community AMI catalog.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.6%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2018-15869
-
cpe:2.3:a:hashicorp:packer:0.1.0
-
cpe:2.3:a:hashicorp:packer:0.1.1
-
cpe:2.3:a:hashicorp:packer:0.1.2
-
cpe:2.3:a:hashicorp:packer:0.1.3
-
cpe:2.3:a:hashicorp:packer:0.1.4
-
cpe:2.3:a:hashicorp:packer:0.1.5
-
cpe:2.3:a:hashicorp:packer:0.10.0
-
cpe:2.3:a:hashicorp:packer:0.10.1
-
cpe:2.3:a:hashicorp:packer:0.10.2
-
cpe:2.3:a:hashicorp:packer:0.11.0
-
cpe:2.3:a:hashicorp:packer:0.12.0
-
cpe:2.3:a:hashicorp:packer:0.12.1
-
cpe:2.3:a:hashicorp:packer:0.12.2
-
cpe:2.3:a:hashicorp:packer:0.12.3
-
cpe:2.3:a:hashicorp:packer:0.2.0
-
cpe:2.3:a:hashicorp:packer:0.2.1
-
cpe:2.3:a:hashicorp:packer:0.2.2
-
cpe:2.3:a:hashicorp:packer:0.2.3
-
cpe:2.3:a:hashicorp:packer:0.3.0
-
cpe:2.3:a:hashicorp:packer:0.3.1
-
cpe:2.3:a:hashicorp:packer:0.3.10
-
cpe:2.3:a:hashicorp:packer:0.3.11
-
cpe:2.3:a:hashicorp:packer:0.3.2
-
cpe:2.3:a:hashicorp:packer:0.3.3
-
cpe:2.3:a:hashicorp:packer:0.3.4
-
cpe:2.3:a:hashicorp:packer:0.3.5
-
cpe:2.3:a:hashicorp:packer:0.3.6
-
cpe:2.3:a:hashicorp:packer:0.3.7
-
cpe:2.3:a:hashicorp:packer:0.3.8
-
cpe:2.3:a:hashicorp:packer:0.3.9
-
cpe:2.3:a:hashicorp:packer:0.4.0
-
cpe:2.3:a:hashicorp:packer:0.4.1
-
cpe:2.3:a:hashicorp:packer:0.5.0
-
cpe:2.3:a:hashicorp:packer:0.5.1
-
cpe:2.3:a:hashicorp:packer:0.5.2
-
cpe:2.3:a:hashicorp:packer:0.6.0
-
cpe:2.3:a:hashicorp:packer:0.6.1
-
cpe:2.3:a:hashicorp:packer:0.7.0
-
cpe:2.3:a:hashicorp:packer:0.7.1
-
cpe:2.3:a:hashicorp:packer:0.7.2
-
cpe:2.3:a:hashicorp:packer:0.7.5
-
cpe:2.3:a:hashicorp:packer:0.8.0
-
cpe:2.3:a:hashicorp:packer:0.8.1
-
cpe:2.3:a:hashicorp:packer:0.8.2
-
cpe:2.3:a:hashicorp:packer:0.8.3
-
cpe:2.3:a:hashicorp:packer:0.8.5
-
cpe:2.3:a:hashicorp:packer:0.8.6
-
cpe:2.3:a:hashicorp:packer:0.9.0
-
cpe:2.3:a:hashicorp:packer:1.0.0
-
cpe:2.3:a:hashicorp:packer:1.0.1
-
cpe:2.3:a:hashicorp:packer:1.0.2
-
cpe:2.3:a:hashicorp:packer:1.0.3
-
cpe:2.3:a:hashicorp:packer:1.0.4
-
cpe:2.3:a:hashicorp:packer:1.1.0
-
cpe:2.3:a:hashicorp:packer:1.1.1
-
cpe:2.3:a:hashicorp:packer:1.1.2
-
cpe:2.3:a:hashicorp:packer:1.1.3
-
cpe:2.3:a:hashicorp:packer:1.2.0
-
cpe:2.3:a:hashicorp:packer:1.2.1
-
cpe:2.3:a:hashicorp:packer:1.2.2
-
cpe:2.3:a:hashicorp:packer:1.2.3
-
cpe:2.3:a:hashicorp:packer:1.2.4
-
cpe:2.3:a:hashicorp:packer:1.2.5