漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one another or conduct man-in-the-middle attacks.
CVSS Information
N/A
Vulnerability Type
使用硬编码的密码学密钥
Vulnerability Title
cloud-init 安全漏洞
Vulnerability Description
Cloud-init是一款用于云平台的虚拟机初始化工具。 cloud-init 0.6.2版本及之后版本存在安全漏洞。攻击者可利用该漏洞冒充其他用户或执行中间人攻击。
CVSS Information
N/A
Vulnerability Type
N/A