Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2014-0592 | 2 Crowbar, Novell | 2 Barclamp, Suse Cloud | 2014-04-04 | 7.5 HIGH | N/A |
Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used in SUSE Cloud 3, does not enable netfilter on bridges when creating new instances, which allows remote attackers to bypass security group restrictions via unspecified vectors, related to floating IPs. | |||||
CVE-2012-0434 | 1 Novell | 1 Suse Cloud | 2014-03-04 | 10.0 HIGH | N/A |
The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file, which has unspecified impact and attack vectors. |