The Walrus service in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 allows remote attackers to gain administrator privileges via a crafted REST request.
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:PEucalyptus
APPEucalyptus2.0.33.0.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
Related vulnerabilities
CVE-2016-8520HIGH8.8ten sam produkt
HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing version...
CVE-2016-8528HIGH8.8ten sam produkt
A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found.
CVE-2015-6861HIGH7.5ten sam produkt
HPE Helion Eucalyptus 3.4.0 through 4.2.0 allows remote authenticated users to bypass an intended AssumeRole p...
CVE-2013-4767HIGH10.0ten sam produkt
Unspecified vulnerability in Eucalyptus before 3.3.2 has unknown impact and attack vectors.
CVE-2012-3241HIGH7.5ten sam produkt
The VMware Broker in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 does not properly authenticate SOAP requests, whi...