CVE-2020-11932

low

Description

It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered.

References

https://github.com/CanonicalLtd/subiquity/commit/7db70650feaf513d7fb6f1ca07f2d670a0890613

https://aliceandbob.company/the-human-factor-in-an-economy-of-scale/

Details

Source: Mitre, NVD

Published: 2020-05-13

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 2.3

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Severity: Low

EPSS

EPSS: 0.02203