Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eucalyptus eucalyptus 2.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-3905
The password reset feature in the administrator interface for Eucalyptus 2.0.0 and 2.0.1 does not perform authentication, which allows remote malicious users to gain privileges by sending password reset requests for other users.
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 2.0.1
NA
CVE-2012-4066
The internal message protocol for Walrus in Eucalyptus 3.2.0 and previous versions does not require signatures for unspecified request headers, which allows malicious users to (1) delete or (2) upload snapshots.
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 3.1.0
Eucalyptus Eucalyptus 1.6
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus 2.0.2
NA
CVE-2012-4063
The Apache Santuario configuration in Eucalyptus prior to 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote malicious users to cause a denial of service via unspecified vectors.
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 2.0.2
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 1.6
NA
CVE-2012-4064
Eucalyptus prior to 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Controller or (2) Walrus with the internal message format and a modified user id.
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 1.6
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus 2.0.2
NA
CVE-2012-4065
Eucalyptus prior to 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain direct access to a (1) Cloud Controller or (2) Walrus service via a crafted messa...
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.2
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 1.6
NA
CVE-2012-4067
Walrus in Eucalyptus prior to 3.2.2 allows remote malicious users to cause a denial of service (memory, thread, and CPU consumption) via a crafted XML message containing a DTD, as demonstrated by a bucket-logging request.
Eucalyptus Eucalyptus 3.1.0
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 3.2.0
Eucalyptus Eucalyptus 3.1.2
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 1.6
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 2.0.2
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.2
NA
CVE-2013-2296
Walrus in Eucalyptus prior to 3.2.2 does not verify authorization for the GetBucketLoggingStatus, SetBucketLoggingStatus, and SetBucketVersioningStatus bucket operations, which allows remote authenticated users to bypass intended restrictions on (1) modifying the logging setting,...
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 2.0.2
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 3.1.2
Eucalyptus Eucalyptus 3.1.0
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 1.6
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 3.2.0
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus
NA
CVE-2013-4766
The gather log service in Eucalyptus prior to 3.3.1 allows remote malicious users to read log files via an unspecified request to the (1) Cluster Controller (CC) or (2) Node Controller (NC) component.
Eucalyptus Eucalyptus 1.6
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 3.1.0
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 3.1.2
Eucalyptus Eucalyptus 3.2.0
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 3.2.1
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 2.0.2
Eucalyptus Eucalyptus 3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started