Vulnerability Details CVE-2020-11932
It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.5%
CVSS Severity
CVSS v3 Score 2.3
CVSS v2 Score 2.1
References
- https://aliceandbob.company/the-human-factor-in-an-economy-of-scale/
- https://github.com/CanonicalLtd/subiquity/commit/7db70650feaf513d7fb6f1ca07f2d670a0890613
- https://aliceandbob.company/the-human-factor-in-an-economy-of-scale/
- https://github.com/CanonicalLtd/subiquity/commit/7db70650feaf513d7fb6f1ca07f2d670a0890613
Products affected by CVE-2020-11932
-
cpe:2.3:a:canonical:subiquity:0.0.10
-
cpe:2.3:a:canonical:subiquity:0.0.11
-
cpe:2.3:a:canonical:subiquity:0.0.12
-
cpe:2.3:a:canonical:subiquity:0.0.13
-
cpe:2.3:a:canonical:subiquity:0.0.21
-
cpe:2.3:a:canonical:subiquity:0.0.22
-
cpe:2.3:a:canonical:subiquity:0.0.23
-
cpe:2.3:a:canonical:subiquity:0.0.24
-
cpe:2.3:a:canonical:subiquity:0.0.24.1
-
cpe:2.3:a:canonical:subiquity:0.0.25
-
cpe:2.3:a:canonical:subiquity:0.0.26
-
cpe:2.3:a:canonical:subiquity:0.0.27
-
cpe:2.3:a:canonical:subiquity:0.0.28
-
cpe:2.3:a:canonical:subiquity:0.0.29
-
cpe:2.3:a:canonical:subiquity:0.0.3
-
cpe:2.3:a:canonical:subiquity:0.0.4
-
cpe:2.3:a:canonical:subiquity:0.0.5
-
cpe:2.3:a:canonical:subiquity:0.0.7
-
cpe:2.3:a:canonical:subiquity:0.0.8
-
cpe:2.3:a:canonical:subiquity:0.0.9
-
cpe:2.3:a:canonical:subiquity:19.04.1
-
cpe:2.3:a:canonical:subiquity:19.04.2
-
cpe:2.3:a:canonical:subiquity:19.04.3
-
cpe:2.3:a:canonical:subiquity:19.04.4
-
cpe:2.3:a:canonical:subiquity:19.04.5
-
cpe:2.3:a:canonical:subiquity:19.06.1
-
cpe:2.3:a:canonical:subiquity:19.07.1
-
cpe:2.3:a:canonical:subiquity:19.07.2
-
cpe:2.3:a:canonical:subiquity:19.07.3
-
cpe:2.3:a:canonical:subiquity:19.08.1
-
cpe:2.3:a:canonical:subiquity:19.09.1
-
cpe:2.3:a:canonical:subiquity:19.10.1
-
cpe:2.3:a:canonical:subiquity:19.10.2
-
cpe:2.3:a:canonical:subiquity:19.11.1
-
cpe:2.3:a:canonical:subiquity:19.12.1
-
cpe:2.3:a:canonical:subiquity:19.12.1.1
-
cpe:2.3:a:canonical:subiquity:19.12.1.5
-
cpe:2.3:a:canonical:subiquity:19.12.2
-
cpe:2.3:a:canonical:subiquity:20.03.1
-
cpe:2.3:a:canonical:subiquity:20.03.2
-
cpe:2.3:a:canonical:subiquity:20.03.3
-
cpe:2.3:a:canonical:subiquity:20.04.1
-
cpe:2.3:a:canonical:subiquity:20.04.2
-
cpe:2.3:a:canonical:subiquity:20.04.3
-
cpe:2.3:a:canonical:subiquity:20.05.1