6.7 Medium
AI Score
Confidence
Low
6.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.2%
Juraj Somorovsky, Jorg Schwenk, Meiko Jensen and Xiaofeng Lou discovered
that Eucalyptus did not properly validate SOAP requests. An unauthenticated
remote attacker could exploit this to submit arbitrary commands to the
Eucalyptus SOAP interface in the context of an authenticated user.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 11.04 | noarch | eucalyptus-cloud | < 2.0.1+bzr1256-0ubuntu4.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | eucalyptus-admin-tools | < 2.0.1+bzr1256-0ubuntu4.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | eucalyptus-cc | < 2.0.1+bzr1256-0ubuntu4.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | eucalyptus-common | < 2.0.1+bzr1256-0ubuntu4.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | eucalyptus-gl | < 2.0.1+bzr1256-0ubuntu4.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | eucalyptus-java-common | < 2.0.1+bzr1256-0ubuntu4.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | eucalyptus-nc | < 2.0.1+bzr1256-0ubuntu4.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | eucalyptus-sc | < 2.0.1+bzr1256-0ubuntu4.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | eucalyptus-udeb | < 2.0.1+bzr1256-0ubuntu4.1 | UNKNOWN |
Ubuntu | 11.04 | noarch | eucalyptus-walrus | < 2.0.1+bzr1256-0ubuntu4.1 | UNKNOWN |