CVE-2014-5040

EPSS 0.09%
Veröffentlicht 05.01.2016 02:59:00
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

HP Helion Eucalyptus 4.1.x before 4.1.2 and HPE Helion Eucalyptus 4.2.x before 4.2.1 allow remote authenticated users to bypass intended access restrictions and modify arbitrary (1) access key credentials by leveraging knowledge of a key ID or (2) signing certificates by leveraging knowledge of a certificate ID.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Eucalyptus ≫ Eucalyptus Version4.1.1

Eucalyptus ≫ Eucalyptus Version4.2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.09%	0.236

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	1.6	5.2	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
nvd@nist.gov	4.6	3.9	6.4	AV:N/AC:H/Au:S/C:P/I:P/A:P

https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04926463

Vendor Advisory

https://www.eucalyptus.com/resources/security/advisories/esa-32

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2014-5040

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-5040

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-5040

EUVD