Filtered by vendor Eucalyptus
Subscriptions
Total
25 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-5037 | 1 Eucalyptus | 1 Eucalyptus | 2024-08-06 | N/A |
Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, logs user and system passwords, which allows local users to obtain sensitive information by reading cloud-requests.log. | ||||
CVE-2014-5038 | 1 Eucalyptus | 1 Eucalyptus | 2024-08-06 | N/A |
Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files. | ||||
CVE-2014-5039 | 1 Eucalyptus | 1 Eucalyptus Management Console | 2024-08-06 | 9.6 Critical |
Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2015-6861 | 1 Eucalyptus | 1 Eucalyptus | 2024-08-06 | N/A |
HPE Helion Eucalyptus 3.4.0 through 4.2.0 allows remote authenticated users to bypass an intended AssumeRole permission requirement and assume an IAM role by leveraging a policy setting for a user's account. | ||||
CVE-2017-7999 | 1 Eucalyptus | 1 Eucalyptus | 2024-08-05 | N/A |
Atlassian Eucalyptus before 4.4.1, when in EDGE mode, allows remote authenticated users with certain privileges to cause a denial of service (E2 service outage) via unspecified vectors. |