Information disclosure in Eucalyptus
CVE-2013-4766
The gather log service in Eucalyptus before 3.3.1 allows remote attackers to read log files via an unspecified request to the (1) Cluster Controller (CC) or (2) Node Controller (NC) component.
Vulnerability class: Information Disclosure
EPSS: 0.012 (62.9th percentile) — read the EPSS interpretation.
Affected products
- Eucalyptus — versions 1.0, 1.1, 1.2
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)