These are security advisories for all Eucalyptus products.
View the Severity Level Classification descriptions.
Eucalyptus 3.2
| Date | Advisory | CVEs | Description | Severity |
|---|---|---|---|---|
| 16 Apr 2013 | ESA-10 | CVE-2013-2296 | Missing Authorization Vulnerability in Walrus | Low |
| 16 Apr 2013 | ESA-09 | CVE-2012-4067 | Insecure XML Parsing Vulnerability in Walrus | Important |
| 09 Apr 2013 | ESA-11 | CVE-2013-1899 | Denial of Service Vulnerability in Postgres | Important |
| 28 Feb 2013 | ESA-08 | CVE-2012-4066 | Walrus Request Manipulation Vulnerability | Important |
Eucalyptus 3.1
| Date | Advisory | CVEs | Description | Severity |
|---|---|---|---|---|
| 28 Aug 2012 | ESA-07 | CVE-2012-4065 | SOAP Web Services Authorization Bypass Vulnerability | Critical |
| 28 Aug 2012 | ESA-06 | CVE-2012-4064 | SOAP Web Services Privilege Escalation Vulnerability | Critical |
| 28 Aug 2012 | ESA-05 | CVE-2012-4063 | Insecure Apache Santuario (XML Security) Library Configuration | Important |
Eucalyptus 3.0
| Date | Advisory | CVEs | Description | Severity |
|---|---|---|---|---|
| 11 Jul 2012 | ESA-04 | CVE-2012-3241 | VMWare Broker Lack of Authentication Vulnerability | Critical |
| 11 Jul 2012 | ESA-03 | CVE-2012-3240 | Walrus Authentication Bypass Vulnerability | Critical |
Eucalyptus 2.0
| Date | Advisory | CVEs | Description | Severity |
|---|---|---|---|---|
| 25 May 2011 | ESA-02 | CVE-2011-0730 | XML Signature Element Wrapping vulnerability | Critical |
| 16 Dec 2010 | ESA-01 | CVE-2010-3905 | Password reset vulnerability | Critical |
