Vulnerability in Eucalyptus

CVE-2012-3241

The VMware Broker in Eucalyptus 2.0.3 and 3.0.x before 3.0.2 does not properly authenticate SOAP requests, which allows remote attackers to execute arbitrary VMware Broker API commands.

EPSS: 0.016 (72.2th percentile) — read the EPSS interpretation.

Affected products

  • Eucalyptus — versions 2.0.3, 3.0.1
  • N/a — versions n/a

Weakness classification (CWE)

References

  • cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
  • cve@mitre.org (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
  • cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)