CVE-2014-5040

Sažetak

HP Helion Eucalyptus 4.1.x before 4.1.2 and HPE Helion Eucalyptus 4.2.x before 4.2.1 allow remote authenticated users to bypass intended access restrictions and modify arbitrary (1) access key credentials by leveraging knowledge of a key ID or (2) signing certificates by leveraging knowledge of a certificate ID.

Reference

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04926463
https://www.eucalyptus.com/resources/security/advisories/esa-32

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:H/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

05-01-2016 - 19:42

Objavljeno

05-01-2016 - 02:59