CVE-2020-11932: Subiquity server installer logged LUKS full disk encryption password

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-11932

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Subiquity server installer logged LUKS full disk encryption password

Source: NVD (National Vulnerability Database)

Vulnerability Description

It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Source: NVD (National Vulnerability Database)

Vulnerability Type

通过日志文件的信息暴露

Source: NVD (National Vulnerability Database)

Vulnerability Title

Canonical Subiquity 日志信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Canonical Subiquity是英国科能（Canonical）公司的一款Ubuntu服务器安装程序。 Canonical Subiquity（使用在Ubuntu Server）中存在日志信息泄露漏洞。该漏洞源于网络系统或产品的日志文件非正常输出。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Canonical	Subiquity	unspecified ~ 20.05.2	-

II. Public POCs for CVE-2020-11932

#	POC Description	Source Link	Shenlong Link
1	Double-Free BUG in WhatsApp exploit poc.	https://github.com/ProjectorBUg/CVE-2020-11932	POC Details
2	Check CVE-2020-11932 (ubuntu server) and test host relating to this vulnerability	https://github.com/Staubgeborener/CVE-2020-11932	POC Details
3	None	https://github.com/code-developers/CVE-2020-11932	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2020-11932

Please Login to view more intelligence information

IV. Related Vulnerabilities

Same product: Subiquity

Same vendor: Canonical

Same weakness: CWE-532

V. Comments for CVE-2020-11932

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2020-11932

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2020-11932

III. Intelligence Information for CVE-2020-11932

IV. Related Vulnerabilities

V. Comments for CVE-2020-11932

Leave a comment