Vulnerability in Eucalyptus

CVE-2012-4064

Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Controller or (2) Walrus with the internal…

EPSS: 0.012 (62.9th percentile) — read the EPSS interpretation.

Affected products

  • Eucalyptus — versions 1.0, 1.1, 1.2
  • N/a — versions n/a

Weakness classification (CWE)

References