Vulnerability in Eucalyptus
CVE-2012-4064
Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Controller or (2) Walrus with the internal…
EPSS: 0.012 (62.9th percentile) — read the EPSS interpretation.
Affected products
- Eucalyptus — versions 1.0, 1.1, 1.2
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)