Canonical: >> Maas >> 12.04.3 Security Vulnerabilities
maas-import-pxe-files in MAAS before 13.10 does not verify the integrity of downloaded files, which allows remote attackers to modify these files via a man-in-the-middle (MITM) attack.
CVSS Score
5.8
EPSS Score
0.007
Published
2013-11-23
Untrusted search path vulnerability in maas-import-pxe-files in MAAS before 13.10 allows local users to execute arbitrary code via a Trojan horse import_pxe_files configuration file in the current working directory.
CVSS Score
4.4
EPSS Score
0.001
Published
2013-11-18