mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-29 05:56:17 +00:00
169 lines
6.0 KiB
JSON
169 lines
6.0 KiB
JSON
{
|
|
"id": "CVE-2012-4064",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2012-10-01T23:55:01.347",
|
|
"lastModified": "2012-10-02T20:11:27.583",
|
|
"vulnStatus": "Analyzed",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to gain privileges by sending a message to (1) Cloud Controller or (2) Walrus with the internal message format and a modified user id."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Eucalyptus antes de v3.1.1 no restringe correctamente los enlaces de mensajes de servicios web SOAP, lo que permite a usuarios remotos autenticados obtener privilegios mediante el env\u00edo de un mensaje a (1) controlador de la nube o (2) Walrus con el formato de mensaje interno yun id usuario modificado."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "SINGLE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 6.5
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 8.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-264"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:*:*:*:*:*:*:*:*",
|
|
"versionEndIncluding": "3.1.0",
|
|
"matchCriteriaId": "522CB3F7-3492-47F7-837C-F64B4F326732"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "91027387-6A15-4EF3-AA31-AE39A49505F0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0A143205-6B95-410D-8500-1916DD4F3F3B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:1.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EFAF37FF-B306-4231-8DDA-95EC16935C06"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:1.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "53689262-6D98-443A-883F-12D9812F4140"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:1.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "323791A0-35CA-49D2-B68F-F1FE30B66248"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:1.5.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2677F0C3-7016-4379-B495-5301A5893322"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:1.5.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "55C87A95-CE7E-44A4-BE64-407CC94AB16E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:1.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D2E86109-062F-4BCD-96EC-242F87DC63AF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:1.6.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "11B0C518-C019-48CD-ABAC-B2F433CC0C9D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EC2B60FE-42EE-4F71-B73D-67FF1FD0CD29"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:2.0.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E8974798-2246-4C12-A0A2-ADDB10563E58"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:2.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0C98920E-5369-4690-885A-BEE737F029C3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:2.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F548349B-ADC1-48A5-A5FA-2C1B6B3CC553"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:2.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "91D1B66B-8605-46F5-8290-8A8DA5412546"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AB322B1B-8FE8-4CEF-A7F4-B86F131F9116"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2ECBDD1A-8E7A-48C0-B638-815DDC3A3A4B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "926B4E5D-804D-4E03-B5A6-17F127D99F96"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.eucalyptus.com/eucalyptus-cloud/security/esa-06",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |