PT-2012-4593 · Eucalyptus+1 · Eucalyptus+1

Published

2012-07-17

Updated

2012-07-18

CVE-2012-3241

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Eucalyptus versions 2.0.3 and 3.0.x before 3.0.2

Description The issue is related to improper authentication of SOAP requests in the VMware Broker. This allows remote attackers to execute arbitrary VMware Broker API commands.

Recommendations For Eucalyptus version 2.0.3, update to a version that properly authenticates SOAP requests. For Eucalyptus versions 3.0.x before 3.0.2, update to version 3.0.2 or later to ensure proper authentication of SOAP requests.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2012-3241

Affected Products

Eucalyptus

Vmware Broker

PT-2012-4593 · Eucalyptus+1 · Eucalyptus+1

CVE-2012-3241

Weakness Enumeration

Related Identifiers

Affected Products

References · 4