PT-2024-37585 · Canonical+1 · Ubuntu Advantage Desktop Daemon+2
Marco Trevisan
·
Published
2024-06-27
·
Updated
2025-01-07
·
CVE-2024-6388
CVSS v3.1
5.9
Medium
| Vector | AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Ubuntu Advantage Desktop Daemon versions prior to 1.12
Description
The Ubuntu Advantage Desktop Daemon leaks the Pro token to unprivileged users by passing the token as an argument in plaintext.
Recommendations
For versions prior to 1.12, update to version 1.12 or later to resolve the issue.
Fix
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Linuxmint
Ubuntu
Ubuntu Advantage Desktop Daemon