Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
Privilege Escalation
Ubuntu
Metal As A Service
NVD
CVSS 2.0
2.1
EPSS
0.0%