CVE-2024-6388 Information

Description

Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon before version 1.12 leaks the Pro token to unprivileged users by passing the token as an argument in plaintext.

Reference

https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2068944 https://www.cve.org/CVERecord?id=CVE-2024-6388 https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24