CVE-2012-4065 in Eucalyptusinfo

Summary

Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain direct access to a (1) Cloud Controller or (2) Walrus service via a crafted message, as demonstrated by changes to a volume, snapshot, or cloud configuration setting.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

07/26/2012

Disclosure

10/01/2012

Moderation

VulDB entry created

Entries

VDB-62526 (1)

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

4.3

EPSS

0.00135

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-4065
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-4065
CVE Details	https://www.cvedetails.com/cve/CVE-2012-4065/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!