Vulnerabilities > Eucalyptus > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-01 | CVE-2017-7999 | Denial-Of-Service vulnerability in Eucalyptus Atlassian Eucalyptus before 4.4.1, when in EDGE mode, allows remote authenticated users with certain privileges to cause a denial of service (E2 service outage) via unspecified vectors. network eucalyptus | 3.5 |
| 2014-11-07 | CVE-2014-5037 | Information Exposure vulnerability in Eucalyptus 4.0.0/4.0.1 Eucalyptus 4.0.0 through 4.0.1, when the log level is set to INFO, logs user and system passwords, which allows local users to obtain sensitive information by reading cloud-requests.log. | 2.1 |
| 2014-11-07 | CVE-2014-5038 | Information Exposure vulnerability in Eucalyptus Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files. | 2.1 |
| 2014-09-05 | CVE-2014-5036 | Information Exposure vulnerability in Eucalyptus 3.4.2/3.4.3/4.0.0 The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equallogic SAN is used, logs the CHAP user credentials, which allows local users to obtain sensitive information by reading the logs. | 1.9 |
| 2012-10-01 | CVE-2012-4065 | Permissions, Privileges, and Access Controls vulnerability in Eucalyptus Eucalyptus before 3.1.1 does not properly restrict the binding of external SOAP web-services messages, which allows remote authenticated users to bypass unspecified authorization checks and obtain direct access to a (1) Cloud Controller or (2) Walrus service via a crafted message, as demonstrated by changes to a volume, snapshot, or cloud configuration setting. | 3.5 |