Ubuntu: >> Metal As A Service Security Vulnerabilities
Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.
CVSS Score
2.1
EPSS Score
0.0
Published
2014-02-17
Cross-site scripting (XSS) vulnerability in the API in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 allows remote attackers to inject arbitrary web script or HTML via the op parameter to nodes/.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-02-17