Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eucalyptus eucalyptus 2.0.3 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2012-3240
The Walrus service in Eucalyptus 2.0.3 and 3.0.x prior to 3.0.2 allows remote malicious users to gain administrator privileges via a crafted REST request.
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 2.0.3
7.5
CVSSv2
CVE-2012-3241
The VMware Broker in Eucalyptus 2.0.3 and 3.0.x prior to 3.0.2 does not properly authenticate SOAP requests, which allows remote malicious users to execute arbitrary VMware Broker API commands.
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 3.0.1
5
CVSSv2
CVE-2013-4768
The web services APIs in Eucalyptus 2.0 up to and including 3.4.1 allow remote malicious users to cause a denial of service via vectors related to the "network connection clean up code" and (1) Cloud Controller (CLC), (2) Walrus, (3) Storage Controller (SC), and (4) VMw...
Eucalyptus Eucalyptus 3.4.0
Eucalyptus Eucalyptus 3.2.0
Eucalyptus Eucalyptus 3.2.2
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 3.1.0
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 3.3.1
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 2.0.2
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 3.4.1
Eucalyptus Eucalyptus 3.3.2
Eucalyptus Eucalyptus 3.1.2
Eucalyptus Eucalyptus 3.2.1
Eucalyptus Eucalyptus 3.3.0
Eucalyptus Eucalyptus 2.0
5
CVSSv2
CVE-2012-4063
The Apache Santuario configuration in Eucalyptus prior to 3.1.1 does not properly restrict applying XML Signature transforms to documents, which allows remote malicious users to cause a denial of service via unspecified vectors.
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 2.0.2
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 1.6
6.5
CVSSv2
CVE-2012-4064
Eucalyptus prior to 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Controller or (2) Walrus with the internal message format and a modified user id.
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 1.6
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus 2.0.2
3.5
CVSSv2
CVE-2012-4065
Eucalyptus prior to 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain direct access to a (1) Cloud Controller or (2) Walrus service via a crafted messa...
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.2
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 1.6
5
CVSSv2
CVE-2012-4066
The internal message protocol for Walrus in Eucalyptus 3.2.0 and previous versions does not require signatures for unspecified request headers, which allows malicious users to (1) delete or (2) upload snapshots.
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 3.1.0
Eucalyptus Eucalyptus 1.6
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus 2.0.2
5.5
CVSSv2
CVE-2013-2296
Walrus in Eucalyptus prior to 3.2.2 does not verify authorization for the GetBucketLoggingStatus, SetBucketLoggingStatus, and SetBucketVersioningStatus bucket operations, which allows remote authenticated users to bypass intended restrictions on (1) modifying the logging setting,...
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 2.0.2
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 3.1.2
Eucalyptus Eucalyptus 3.1.0
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 1.6
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 3.2.0
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus
4.3
CVSSv2
CVE-2012-4067
Walrus in Eucalyptus prior to 3.2.2 allows remote malicious users to cause a denial of service (memory, thread, and CPU consumption) via a crafted XML message containing a DTD, as demonstrated by a bucket-logging request.
Eucalyptus Eucalyptus 3.1.0
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 3.0
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 3.2.0
Eucalyptus Eucalyptus 3.1.2
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 1.6
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 2.0.2
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.2
4.3
CVSSv2
CVE-2013-4766
The gather log service in Eucalyptus prior to 3.3.1 allows remote malicious users to read log files via an unspecified request to the (1) Cluster Controller (CC) or (2) Node Controller (NC) component.
Eucalyptus Eucalyptus 1.6
Eucalyptus Eucalyptus 1.6.2
Eucalyptus Eucalyptus 2.0
Eucalyptus Eucalyptus 2.0.0
Eucalyptus Eucalyptus 1.0
Eucalyptus Eucalyptus 1.1
Eucalyptus Eucalyptus 1.2
Eucalyptus Eucalyptus 3.0.1
Eucalyptus Eucalyptus 3.1.0
Eucalyptus Eucalyptus 3.1.1
Eucalyptus Eucalyptus 3.1.2
Eucalyptus Eucalyptus 3.2.0
Eucalyptus Eucalyptus 1.4
Eucalyptus Eucalyptus 1.5.2
Eucalyptus Eucalyptus 2.0.1
Eucalyptus Eucalyptus 2.0.3
Eucalyptus Eucalyptus 3.2.1
Eucalyptus Eucalyptus
Eucalyptus Eucalyptus 1.3
Eucalyptus Eucalyptus 1.5.1
Eucalyptus Eucalyptus 2.0.2
Eucalyptus Eucalyptus 3.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »