{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6174", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2024-06-19T22:11:48.245Z", "datePublished": "2025-06-26T09:15:25.462Z", "dateUpdated": "2025-06-26T17:38:50.843Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "cloud-init", "platforms": ["Linux"], "product": "cloud-init", "vendor": "Canonical", "versions": [{"lessThan": "25.1.3", "status": "affected", "version": "0.7.9", "versionType": "semver"}]}], "datePublic": "2025-06-12T11:24:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration."}], "value": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,\u00a0cloud-init default configurations disable platform enumeration."}], "impacts": [{"descriptions": [{"lang": "en", "value": "This vulnerability allows local attackers with network access to place themselves in a position to control cloud-init booting of non-x86 systems"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "references": [{"url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3"}], "source": {"discovery": "INTERNAL"}, "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2025-06-26T09:15:25.462Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-287", "lang": "en", "description": "CWE-287 Improper Authentication"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-26T13:29:27.137985Z", "id": "CVE-2024-6174", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-26T17:38:50.843Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-6174", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-26T13:29:27.137985Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287 Improper Authentication"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-26T13:29:51.276Z"}}], "cna": {"source": {"discovery": "INTERNAL"}, "impacts": [{"descriptions": [{"lang": "en", "value": "This vulnerability allows local attackers with network access to place themselves in a position to control cloud-init booting of non-x86 systems"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Canonical", "product": "cloud-init", "versions": [{"status": "affected", "version": "0.7.9", "lessThan": "25.1.3", "versionType": "semver"}], "platforms": ["Linux"], "packageName": "cloud-init", "defaultStatus": "unaffected"}], "datePublic": "2025-06-12T11:24:00.000Z", "references": [{"url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3"}], "descriptions": [{"lang": "en", "value": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,\u00a0cloud-init default configurations disable platform enumeration.", "supportingMedia": [{"type": "text/html", "value": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.", "base64": false}]}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2025-06-26T09:15:25.462Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6174", "state": "PUBLISHED", "dateUpdated": "2025-06-26T17:38:50.843Z", "dateReserved": "2024-06-19T22:11:48.245Z", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "datePublished": "2025-06-26T09:15:25.462Z", "assignerShortName": "canonical"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:canonical:cloud-init:*:*:*:*:*:*:*:*", "matchCriteriaId": "5549A5E9-C7DB-4106-865B-21D216620BD4", "versionEndExcluding": "25.1.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,\u00a0cloud-init default configurations disable platform enumeration."}, {"lang": "es", "value": "Cuando se detecta una plataforma distinta a x86, Cloud-init otorga acceso root a una URL codificada con una direcci\u00f3n IP local. Para evitarlo, la configuraci\u00f3n predeterminada de Cloud-init deshabilita la enumeraci\u00f3n de plataformas."}], "id": "CVE-2024-6174", "lastModified": "2025-08-26T20:48:56.763", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2025-06-26T10:15:25.133", "references": [{"source": "security@ubuntu.com", "tags": ["Release Notes"], "url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "cloud-init: Cloud init permissions flaw", "id": "2374924", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374924"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-276", "details": ["When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,\u00a0cloud-init default configurations disable platform enumeration.", "An access permissions flaw was found in cloud-init. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded URL with a local IP address, which creates a security exposure."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-6174", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "cloud-init", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "cloud-init", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "cloud-init", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "cloud-init", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-06-26T09:15:25Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-6174\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-6174\nhttps://github.com/canonical/cloud-init/commit/e3f42adc2674a38fb29e414cfbf96f884934b2d2\nhttps://github.com/canonical/cloud-init/releases/tag/25.1.3"], "threat_severity": "Important"}

{"created": "2025-07-06T22:16:32.612417+00:00", "updated": "2025-07-06T22:16:32.612461+00:00", "vendors": ["canonical", "canonical$PRODUCT$cloud-init"]}