Vulnerability Description
The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one another or conduct man-in-the-middle attacks.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canonical | Cloud-Init | >= 0.6.2, < 18.4 |
Related Weaknesses (CWE)
References
- https://bugs.launchpad.net/cloud-init/+bug/1781094PatchThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1574338Issue TrackingThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10896Issue TrackingPatchThird Party Advisory
- https://bugs.launchpad.net/cloud-init/+bug/1781094PatchThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1574338Issue TrackingThird Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10896Issue TrackingPatchThird Party Advisory
FAQ
What is CVE-2018-10896?
CVE-2018-10896 is a vulnerability with a CVSS score of 7.1 (HIGH). The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances ...
How severe is CVE-2018-10896?
CVE-2018-10896 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-10896?
Check the references section above for vendor advisories and patch information. Affected products include: Canonical Cloud-Init.