Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for Helion Eucalyptus by Hewlett Packard Enterprise

    CVE-2016-8528 (GCVE-0-2016-8528)

    Vulnerability from nvd – Published: 2018-02-15 22:00 – Updated: 2024-09-16 22:36
    VLAI
    Summary
    A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found.
    Severity
    No CVSS data available.
    CWE
    • Remote Escalation of Privilege
    Assigner
    hpe
    References
    URL Tags
    http://www.securitytracker.com/id/1037757 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/95910 vdb-entryx_refsource_BID
    https://support.hpe.com/hpsc/doc/public/display?d… x_refsource_CONFIRM
    Impacted products
    Date Public
    2017-01-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:27:41.056Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1037757",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037757"
              },
              {
                "name": "95910",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95910"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Helion Eucalyptus",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.3.0 through 4.3.1"
                }
              ]
            }
          ],
          "datePublic": "2017-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Escalation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-16T10:57:01.000Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "name": "1037757",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037757"
            },
            {
              "name": "95910",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95910"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@hpe.com",
              "DATE_PUBLIC": "2017-01-31T00:00:00",
              "ID": "CVE-2016-8528",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Helion Eucalyptus",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "3.3.0 through 4.3.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Hewlett Packard Enterprise"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Escalation of Privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1037757",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037757"
                },
                {
                  "name": "95910",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95910"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2016-8528",
        "datePublished": "2018-02-15T22:00:00.000Z",
        "dateReserved": "2016-10-07T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:36:32.160Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8520 (GCVE-0-2016-8520)

    Vulnerability from nvd – Published: 2018-02-15 22:00 – Updated: 2024-09-16 23:20
    VLAI
    Summary
    HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data.
    Severity
    No CVSS data available.
    CWE
    • Remote Unauthorized Access
    Assigner
    hpe
    References
    Impacted products
    Date Public
    2017-01-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:27:40.198Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "95369",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95369"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Helion Eucalyptus",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "status": "affected",
                  "version": "v4.3.0 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2017-01-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user\u0027s permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Unauthorized Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-16T10:57:01.000Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "name": "95369",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95369"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@hpe.com",
              "DATE_PUBLIC": "2017-01-04T00:00:00",
              "ID": "CVE-2016-8520",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Helion Eucalyptus",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "v4.3.0 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Hewlett Packard Enterprise"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user\u0027s permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Unauthorized Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "95369",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95369"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2016-8520",
        "datePublished": "2018-02-15T22:00:00.000Z",
        "dateReserved": "2016-10-07T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:20:39.331Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8528 (GCVE-0-2016-8528)

    Vulnerability from cvelistv5 – Published: 2018-02-15 22:00 – Updated: 2024-09-16 22:36
    VLAI
    Summary
    A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found.
    Severity
    No CVSS data available.
    CWE
    • Remote Escalation of Privilege
    Assigner
    hpe
    References
    URL Tags
    http://www.securitytracker.com/id/1037757 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/95910 vdb-entryx_refsource_BID
    https://support.hpe.com/hpsc/doc/public/display?d… x_refsource_CONFIRM
    Impacted products
    Date Public
    2017-01-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:27:41.056Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1037757",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1037757"
              },
              {
                "name": "95910",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95910"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Helion Eucalyptus",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "status": "affected",
                  "version": "3.3.0 through 4.3.1"
                }
              ]
            }
          ],
          "datePublic": "2017-01-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Escalation of Privilege",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-16T10:57:01.000Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "name": "1037757",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1037757"
            },
            {
              "name": "95910",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95910"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@hpe.com",
              "DATE_PUBLIC": "2017-01-31T00:00:00",
              "ID": "CVE-2016-8528",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Helion Eucalyptus",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "3.3.0 through 4.3.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Hewlett Packard Enterprise"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A Remote Escalation of Privilege vulnerability in HPE Helion Eucalyptus version 3.3.0 through 4.3.1 was found."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Escalation of Privilege"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1037757",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1037757"
                },
                {
                  "name": "95910",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95910"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05382868"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2016-8528",
        "datePublished": "2018-02-15T22:00:00.000Z",
        "dateReserved": "2016-10-07T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:36:32.160Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-8520 (GCVE-0-2016-8520)

    Vulnerability from cvelistv5 – Published: 2018-02-15 22:00 – Updated: 2024-09-16 23:20
    VLAI
    Summary
    HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data.
    Severity
    No CVSS data available.
    CWE
    • Remote Unauthorized Access
    Assigner
    hpe
    References
    Impacted products
    Date Public
    2017-01-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T02:27:40.198Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "95369",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/95369"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Helion Eucalyptus",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "status": "affected",
                  "version": "v4.3.0 and earlier"
                }
              ]
            }
          ],
          "datePublic": "2017-01-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user\u0027s permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Remote Unauthorized Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-02-16T10:57:01.000Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "name": "95369",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/95369"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@hpe.com",
              "DATE_PUBLIC": "2017-01-04T00:00:00",
              "ID": "CVE-2016-8520",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Helion Eucalyptus",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "v4.3.0 and earlier"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Hewlett Packard Enterprise"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user\u0027s permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Remote Unauthorized Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "95369",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/95369"
                },
                {
                  "name": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782",
                  "refsource": "CONFIRM",
                  "url": "https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-c05363782"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2016-8520",
        "datePublished": "2018-02-15T22:00:00.000Z",
        "dateReserved": "2016-10-07T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:20:39.331Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }