Lucene search
HistoryDec 22, 2010 - 9:00 p.m.
CVE-2010-3905
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.6%
The password reset feature in the administrator interface for Eucalyptus 2.0.0 and 2.0.1 does not perform authentication, which allows remote attackers to gain privileges by sending password reset requests for other users.
Affected configurations
Node
eucalyptuseucalyptusMatch2.0.0
OReucalyptuseucalyptusMatch2.0.1
Related
openvas
openvas
Ubuntu Update for eucalyptus vulnerability USN-1033-1
2011-01-04 00:00:00
Ubuntu: Security Advisory (USN-1033-1)
2011-01-04 00:00:00
securityvulns
securityvulns
Eucalyptus unauthorized access
2010-12-17 00:00:00
[USN-1033-1] Eucalyptus vulnerability
2010-12-17 00:00:00
cvelist
cvelist
CVE-2010-3905
2010-12-22 20:00:00
nessus
nessus
Ubuntu 10.10 : eucalyptus vulnerability (USN-1033-1)
2010-12-17 00:00:00
ubuntu
ubuntu
Eucalyptus vulnerability
2010-12-16 00:00:00
prion
prion
Authentication flaw
2010-12-22 21:00:00
cve
cve
CVE-2010-3905
2010-12-22 21:00:15
ubuntucve
ubuntucve
CVE-2010-3905
2010-12-16 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7 High
AI Score
Confidence
Low
0.019 Low
EPSS
Percentile
88.6%
Related for NVD:CVE-2010-3905