maas-import-pxe-files in MAAS before 13.10 does not verify the integrity of downloaded files, which allows remote attackers to modify these files via a man-in-the-middle (MITM) attack.
Max CVSS
5.8
EPSS Score
0.18%
Published
2013-11-23
Updated
2013-11-25
Untrusted search path vulnerability in maas-import-pxe-files in MAAS before 13.10 allows local users to execute arbitrary code via a Trojan horse import_pxe_files configuration file in the current working directory.
Max CVSS
4.4
EPSS Score
0.04%
Published
2013-11-18
Updated
2013-11-21
2 vulnerabilities found