CVE-2023-5182

Published October 7th, 2023

View on NVD ↗

CVSS v3

5.5

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the adm group could use this information to find hashed passwords and possibly escalate their privilege.

canonical/subiquity

Ubuntu Server Installer, and backend for Ubuntu Desktop Installer

GitHub

576