ГлавнаяУязвимости → CVE-2024-6107
9.6критическая

CVE-2024-6107

Описание

Due to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a region. This has been addressed in MAAS and updated in the corresponding snaps.

Затрагиваемое ПО
Canonical Metal as a service
CVSS
Балл9.6 — критическая
ВекторCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:H
Источники
https://bugs.launchpad.net/maas/+bug/2069094