CNNVD-202512-387 Information

CNNVD ID

CNNVD-202512-387

Related CVE

CVE-2025-7044

• CNNVD Published: 2025-12-03

Description (Chinese)

Canonical MAAS是Canonical开源的一个用于大规模物理服务器管理和自动化部署的软件。 Canonical MAAS存在安全漏洞，该漏洞源于用户websocket处理程序输入验证不当，可能导致经过身份验证的低权限攻击者提升为管理员角色。

Description (English)

Canonical MAAS is an open source of Canonical software for large-scale physical server management and automated deployment. Canonical MAAS has a security loophole, which stems from the miscertification of the user websocket processor, which may lead to the promotion of the role of an accredited low-authorized assailant as administrator.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

科能软件

Published

2025-12-03

Last Modified

2026-02-24

References

https://bugs.launchpad.net/maas/+bug/2115714