We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | canonical |
Reserved | 2024-06-27 |
Published | 2024-06-27 |
Updated | 2024-08-01 |
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the token as an argument in plaintext.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N |
Marco Trevisan
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2068944
https://www.cve.org/CVERecord?id=CVE-2024-6388
https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24