Due to insufficient verification, an attacker could use a malicious client to bypass authentication checks and run RPC commands in a region. This has been addressed in MAAS and updated in the corresponding snaps.
{
"binaries": [
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "maas"
},
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "maas-cli"
},
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "maas-common"
},
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "maas-dhcp"
},
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "maas-dns"
},
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "maas-proxy"
},
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "maas-rack-controller"
},
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "maas-region-api"
},
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "maas-region-controller"
},
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "python3-django-maas"
},
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "python3-maas-client"
},
{
"binary_version": "2.3.5-6511-gf466fdb-0ubuntu1",
"binary_name": "python3-maas-provisioningserver"
}
]
}
{
"binaries": [
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "maas"
},
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "maas-cli"
},
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "maas-common"
},
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "maas-dhcp"
},
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "maas-dns"
},
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "maas-proxy"
},
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "maas-rack-controller"
},
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "maas-region-api"
},
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "maas-region-controller"
},
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "python3-django-maas"
},
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "python3-maas-client"
},
{
"binary_version": "2.4.2-7034-g2f5deb8b8-0ubuntu1",
"binary_name": "python3-maas-provisioningserver"
}
]
}