{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-6174", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "state": "PUBLISHED", "assignerShortName": "canonical", "dateReserved": "2024-06-19T22:11:48.245Z", "datePublished": "2025-06-26T09:15:25.462Z", "dateUpdated": "2025-06-26T17:38:50.843Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "cloud-init", "platforms": ["Linux"], "product": "cloud-init", "vendor": "Canonical", "versions": [{"lessThan": "25.1.3", "status": "affected", "version": "0.7.9", "versionType": "semver"}]}], "datePublic": "2025-06-12T11:24:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration."}], "value": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,\u00a0cloud-init default configurations disable platform enumeration."}], "impacts": [{"descriptions": [{"lang": "en", "value": "This vulnerability allows local attackers with network access to place themselves in a position to control cloud-init booting of non-x86 systems"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "references": [{"url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3"}], "source": {"discovery": "INTERNAL"}, "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2025-06-26T09:15:25.462Z"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-287", "lang": "en", "description": "CWE-287 Improper Authentication"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-26T13:29:27.137985Z", "id": "CVE-2024-6174", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-26T17:38:50.843Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-6174", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-26T13:29:27.137985Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287 Improper Authentication"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-26T13:29:51.276Z"}}], "cna": {"source": {"discovery": "INTERNAL"}, "impacts": [{"descriptions": [{"lang": "en", "value": "This vulnerability allows local attackers with network access to place themselves in a position to control cloud-init booting of non-x86 systems"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Canonical", "product": "cloud-init", "versions": [{"status": "affected", "version": "0.7.9", "lessThan": "25.1.3", "versionType": "semver"}], "platforms": ["Linux"], "packageName": "cloud-init", "defaultStatus": "unaffected"}], "datePublic": "2025-06-12T11:24:00.000Z", "references": [{"url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3"}], "descriptions": [{"lang": "en", "value": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,\u00a0cloud-init default configurations disable platform enumeration.", "supportingMedia": [{"type": "text/html", "value": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.", "base64": false}]}], "providerMetadata": {"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "shortName": "canonical", "dateUpdated": "2025-06-26T09:15:25.462Z"}}}, "cveMetadata": {"cveId": "CVE-2024-6174", "state": "PUBLISHED", "dateUpdated": "2025-06-26T17:38:50.843Z", "dateReserved": "2024-06-19T22:11:48.245Z", "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc", "datePublished": "2025-06-26T09:15:25.462Z", "assignerShortName": "canonical"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,\u00a0cloud-init default configurations disable platform enumeration."}], "id": "CVE-2024-6174", "lastModified": "2025-06-26T18:57:43.670", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "security@ubuntu.com", "type": "Secondary"}]}, "published": "2025-06-26T10:15:25.133", "references": [{"source": "security@ubuntu.com", "url": "https://github.com/canonical/cloud-init/releases/tag/25.1.3"}], "sourceIdentifier": "security@ubuntu.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "cloud-init: From CVEorg collector", "id": "2374924", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374924"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-276", "details": ["When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,\u00a0cloud-init default configurations disable platform enumeration.", "An access permissions flaw was found in cloud-init. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded URL with a local IP address, which creates a security exposure."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-6174", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "cloud-init", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "cloud-init", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "cloud-init", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "cloud-init", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-06-26T09:15:25Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-6174\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-6174\nhttps://github.com/canonical/cloud-init/commit/e3f42adc2674a38fb29e414cfbf96f884934b2d2\nhttps://github.com/canonical/cloud-init/releases/tag/25.1.3"], "threat_severity": "Important"}