vulnerability

Ubuntu: USN-7063-1 (CVE-2024-6388): Ubuntu Advantage Desktop Daemon vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:L/AC:M/Au:S/C:C/I:N/A:N)	Jun 27, 2024	Oct 14, 2024	Aug 28, 2025

Severity

CVSS

(AV:L/AC:M/Au:S/C:C/I:N/A:N)

Published

Jun 27, 2024

Added

Oct 14, 2024

Modified

Aug 28, 2025

Description

Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the token as an argument in plaintext.

Solution

ubuntu-pro-upgrade-ubuntu-advantage-desktop-daemon

References

CVE-2024-6388
https://attackerkb.com/topics/CVE-2024-6388
CWE-319
CWE-497
UBUNTU-USN-7063-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today