Filtered by vendor Eucalyptus
Subscribe
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4066 | 1 Eucalyptus | 1 Eucalyptus | 2013-03-17 | 5.0 MEDIUM | N/A |
| The internal message protocol for Walrus in Eucalyptus 3.2.0 and earlier does not require signatures for unspecified request headers, which allows attackers to (1) delete or (2) upload snapshots. | |||||
| CVE-2012-4065 | 1 Eucalyptus | 1 Eucalyptus | 2012-10-02 | 3.5 LOW | N/A |
| Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain direct access to a (1) Cloud Controller or (2) Walrus service via a crafted message, as demonstrated by changes to a volume, snapshot, or cloud configuration setting. | |||||
| CVE-2012-4064 | 1 Eucalyptus | 1 Eucalyptus | 2012-10-02 | 6.5 MEDIUM | N/A |
| Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Controller or (2) Walrus with the internal message format and a modified user id. | |||||
| CVE-2012-3241 | 1 Eucalyptus | 1 Eucalyptus | 2012-07-17 | 7.5 HIGH | N/A |
| The VMware Broker in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 does not properly authenticate SOAP requests, which allows remote attackers to execute arbitrary VMware Broker API commands. | |||||
| CVE-2012-3240 | 1 Eucalyptus | 1 Eucalyptus | 2012-07-17 | 7.5 HIGH | N/A |
| The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows remote attackers to gain administrator privileges via a crafted REST request. | |||||