CVE-2024-6174
EUVD-2024-5470726.06.2025, 10:15
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| canonical | cloud-init | 𝑥 < 25.1.3 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| cloud-init |
|
Common Weakness Enumeration