| |
Vulnerability CVE-2014-5038
Published: 2014-11-07 Modified: 2014-11-08
Description: |
Eucalyptus 3.0.0 through 4.0.1, when the log level is set to DEBUG or lower, logs user and system passwords, which allows local users to obtain sensitive information by reading the cloud log files. |
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:N/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
2.1/10 |
2.9/10 |
3.9/10 |
Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://www.eucalyptus.com/resources/security/advisories/esa-26
|
|
|
closedb();
?>
Copyright 2024, cxsecurity.com
|
|
|