Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-4768

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2013-4768
Last Modified 16 Apr 2014 11:21:43
Published 15 Apr 2014 08:55:23
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2013-4768

Summary

The web services APIs in Eucalyptus 2.0 through 3.4.1 allow remote attackers to cause a denial of service via vectors related to the "network connection clean up code" and (1) Cloud Controller (CLC), (2) Walrus, (3) Storage Controller (SC), and (4) VMware Broker (VB).

Vulnerable Systems

Application

  • Eucalyptus 2.0

  • Eucalyptus 2.0.1

  • Eucalyptus 2.0.2

  • Eucalyptus 2.0.3

  • Eucalyptus 3.0

  • Eucalyptus 3.0.1

  • Eucalyptus 3.1.0

  • Eucalyptus 3.1.1

  • Eucalyptus 3.1.2

  • Eucalyptus 3.2.0

  • Eucalyptus 3.2.1

  • Eucalyptus 3.2.2

  • Eucalyptus 3.3.0

  • Eucalyptus 3.3.1

  • Eucalyptus 3.3.2

  • Eucalyptus 3.4.0

  • Eucalyptus 3.4.1


References

CONFIRM - https://www.eucalyptus.com/resources/security/advisories/esa-15


Last Updated: 27 May 2016 11:04:57