Information disclosure in Eucalyptus

CVE-2013-4766

The gather log service in Eucalyptus before 3.3.1 allows remote attackers to read log files via an unspecified request to the (1) Cluster Controller (CC) or (2) Node Controller (NC) component.

Vulnerability class: Information Disclosure

EPSS: 0.012 (62.9th percentile) — read the EPSS interpretation.

Affected products

  • Eucalyptus — versions 1.0, 1.1, 1.2
  • N/a — versions n/a

Weakness classification (CWE)

References