Back to search
CVE-2013-2296
Published: Sep 17, 2013
Modified: Sep 17, 2024
PUBLISHED
Description
Walrus in Eucalyptus before 3.2.2 does not verify authorization for the GetBucketLoggingStatus, SetBucketLoggingStatus, and SetBucketVersioningStatus bucket operations, which allows remote authenticated users to bypass intended restrictions on (1) modifying the logging setting, (2) modifying the versioning setting, or (3) accessing activity logs via a request.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://eucalyptus.atlassian.net/browse/EUCA-3074
x_refsource_CONFIRM
http://www.eucalyptus.com/resources/security/advisories/esa-10
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now