Vulnerabilities > CVE-2013-2297 - Credentials Management vulnerability in Eucalyptus Eustore

CVSS 6.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

eucalyptus

CWE-255

NVD

Published: 2013-09-17

Updated: 2013-09-18

Summary

Eucalyptus EuStore sets a blank root password in the default configuration of EMI 3868652036, EMI 0400376721, EMI 2425352071, and EMI 1347115203, which allows local users to gain privileges via unspecified vectors, a related issue to CVE-2013-2069.

Vulnerable Configurations

Part	Description	Count
OS	Eucalyptus Eucalyptus Eustore Emi_0400376721 Eucalyptus Eustore Emi_1347115203 Eucalyptus Eustore Emi_2425352071 Eucalyptus Eustore Emi_3868652036	4

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://www.eucalyptus.com/resources/security/advisories/esa-12