Search
Find a vulnerability
Search criteria
4 vulnerabilities found for Helion Eucalyptus by Hewlett Packard Enterprise
CVE-2016-8528 (GCVE-0-2016-8528)
Vulnerability from nvd – Published: 2018-02-15 22:00 – Updated: 2024-09-16 22:36
VLAI
Summary
A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found.
Severity
No CVSS data available.
CWE
- Remote Escalation of Privilege
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1037757 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/95910 | vdb-entryx_refsource_BID |
| https://support.hpe.com/hpsc/doc/public/display?d… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise | Helion Eucalyptus |
Affected:
3.3.0 through 4.3.1
|
Date Public
2017-01-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:41.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037757",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037757"
},
{
"name": "95910",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Helion Eucalyptus",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "3.3.0 through 4.3.1"
}
]
}
],
"datePublic": "2017-01-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T10:57:01.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1037757",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037757"
},
{
"name": "95910",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-01-31T00:00:00",
"ID": "CVE-2016-8528",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Helion Eucalyptus",
"version": {
"version_data": [
{
"version_value": "3.3.0 through 4.3.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037757",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037757"
},
{
"name": "95910",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95910"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-8528",
"datePublished": "2018-02-15T22:00:00.000Z",
"dateReserved": "2016-10-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:36:32.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8520 (GCVE-0-2016-8520)
Vulnerability from nvd – Published: 2018-02-15 22:00 – Updated: 2024-09-16 23:20
VLAI
Summary
HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data.
Severity
No CVSS data available.
CWE
- Remote Unauthorized Access
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/95369 | vdb-entryx_refsource_BID |
| https://support.hpe.com/hpsc/doc/public/display?d… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise | Helion Eucalyptus |
Affected:
v4.3.0 and earlier
|
Date Public
2017-01-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:40.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95369",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95369"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Helion Eucalyptus",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "v4.3.0 and earlier"
}
]
}
],
"datePublic": "2017-01-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user\u0027s permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Unauthorized Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T10:57:01.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "95369",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95369"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-01-04T00:00:00",
"ID": "CVE-2016-8520",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Helion Eucalyptus",
"version": {
"version_data": [
{
"version_value": "v4.3.0 and earlier"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user\u0027s permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Unauthorized Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95369"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-8520",
"datePublished": "2018-02-15T22:00:00.000Z",
"dateReserved": "2016-10-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:20:39.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8528 (GCVE-0-2016-8528)
Vulnerability from cvelistv5 – Published: 2018-02-15 22:00 – Updated: 2024-09-16 22:36
VLAI
Summary
A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found.
Severity
No CVSS data available.
CWE
- Remote Escalation of Privilege
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id/1037757 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/95910 | vdb-entryx_refsource_BID |
| https://support.hpe.com/hpsc/doc/public/display?d… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise | Helion Eucalyptus |
Affected:
3.3.0 through 4.3.1
|
Date Public
2017-01-31 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:41.056Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1037757",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037757"
},
{
"name": "95910",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95910"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Helion Eucalyptus",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "3.3.0 through 4.3.1"
}
]
}
],
"datePublic": "2017-01-31T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T10:57:01.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "1037757",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037757"
},
{
"name": "95910",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95910"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-01-31T00:00:00",
"ID": "CVE-2016-8528",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Helion Eucalyptus",
"version": {
"version_data": [
{
"version_value": "3.3.0 through 4.3.1"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1037757",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037757"
},
{
"name": "95910",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95910"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-8528",
"datePublished": "2018-02-15T22:00:00.000Z",
"dateReserved": "2016-10-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:36:32.160Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8520 (GCVE-0-2016-8520)
Vulnerability from cvelistv5 – Published: 2018-02-15 22:00 – Updated: 2024-09-16 23:20
VLAI
Summary
HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data.
Severity
No CVSS data available.
CWE
- Remote Unauthorized Access
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/95369 | vdb-entryx_refsource_BID |
| https://support.hpe.com/hpsc/doc/public/display?d… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Hewlett Packard Enterprise | Helion Eucalyptus |
Affected:
v4.3.0 and earlier
|
Date Public
2017-01-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:27:40.198Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95369",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95369"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Helion Eucalyptus",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "affected",
"version": "v4.3.0 and earlier"
}
]
}
],
"datePublic": "2017-01-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user\u0027s permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Unauthorized Access",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-16T10:57:01.000Z",
"orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"shortName": "hpe"
},
"references": [
{
"name": "95369",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95369"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@hpe.com",
"DATE_PUBLIC": "2017-01-04T00:00:00",
"ID": "CVE-2016-8520",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Helion Eucalyptus",
"version": {
"version_data": [
{
"version_value": "v4.3.0 and earlier"
}
]
}
}
]
},
"vendor_name": "Hewlett Packard Enterprise"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user\u0027s permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Unauthorized Access"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95369",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95369"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
"assignerShortName": "hpe",
"cveId": "CVE-2016-8520",
"datePublished": "2018-02-15T22:00:00.000Z",
"dateReserved": "2016-10-07T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:20:39.331Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}