Security Advisories

These are security advisories for all Eucalyptus products.

View the Severity Level Classification descriptions.

Eucalyptus 3.2

Date Advisory CVEs Description Severity
16 Apr 2013 ESA-10 CVE-2013-2296 Missing Authorization Vulnerability in Walrus Low
16 Apr 2013 ESA-09 CVE-2012-4067 Insecure XML Parsing Vulnerability in Walrus Important
09 Apr 2013 ESA-11 CVE-2013-1899 Denial of Service Vulnerability in Postgres Important
28 Feb 2013 ESA-08 CVE-2012-4066 Walrus Request Manipulation Vulnerability Important



Eucalyptus 3.1

Date Advisory CVEs Description Severity
28 Aug 2012 ESA-07 CVE-2012-4065 SOAP Web Services Authorization Bypass Vulnerability Critical
28 Aug 2012 ESA-06 CVE-2012-4064 SOAP Web Services Privilege Escalation Vulnerability Critical
28 Aug 2012 ESA-05 CVE-2012-4063 Insecure Apache Santuario (XML Security) Library Configuration Important



Eucalyptus 3.0

Date Advisory CVEs Description Severity
11 Jul 2012 ESA-04 CVE-2012-3241 VMWare Broker Lack of Authentication Vulnerability Critical
11 Jul 2012 ESA-03 CVE-2012-3240 Walrus Authentication Bypass Vulnerability Critical



Eucalyptus 2.0

Date Advisory CVEs Description Severity
25 May 2011 ESA-02 CVE-2011-0730 XML Signature Element Wrapping vulnerability Critical
16 Dec 2010 ESA-01 CVE-2010-3905 Password reset vulnerability Critical

Share This Page

Share this Page on Facebook Share this Page on Twitter Email a Friend