Key Management Errors

CVE-2015-1316

Medium

6.4/10

Summary

Juju Core's Joyent provider before version 1.25.5 uploads the user's private ssh key.

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: HIGH
Confidentiality Impact: HIGH
Availability Impact: HIGH

CWE-320 - Key Management Errors

Weaknesses in this category are related to errors in the management of cryptographic keys.

References

Advisory Timeline

Published Apr 22, 2019