World-readable permissions for txlongpoll.yaml in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4: Unauthorized Access to RabbitMQ Credentials

World-readable permissions for txlongpoll.yaml in Ubuntu Metal as a Service (MaaS) 1.2 and 1.4: Unauthorized Access to RabbitMQ Credentials

CVE-2013-1069 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Ubuntu Metal as a Service (MaaS) 1.2 and 1.4 uses world-readable permissions for txlongpoll.yaml, which allows local users to obtain RabbitMQ authentication credentials by reading the file.

Learn more about our User Device Pen Test.