CVE-2012-5616 (GCVE-0-2012-5616)

Vulnerability from cvelistv5 – Published: 2013-01-22 23:00 – Updated: 2024-08-06 21:14
VLAI?
Summary
Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://support.citrix.com/article/CTX136163 x_refsource_CONFIRM
http://osvdb.org/89146 vdb-entryx_refsource_OSVDB
http://seclists.org/fulldisclosure/2013/Jan/65 mailing-listx_refsource_FULLDISC
http://osvdb.org/89147 vdb-entryx_refsource_OSVDB
http://www.securityfocus.com/bid/57225 vdb-entryx_refsource_BID
http://mail-archives.apache.org/mod_mbox/incubato… mailing-listx_refsource_MLIST
http://secunia.com/advisories/51821 third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/bid/57259 vdb-entryx_refsource_BID
http://osvdb.org/89070 vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/51366 third-party-advisoryx_refsource_SECUNIA
http://secunia.com/advisories/51827 third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id?1027978 vdb-entryx_refsource_SECTRACK
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T21:14:16.356Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.citrix.com/article/CTX136163"
          },
          {
            "name": "89146",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/89146"
          },
          {
            "name": "20130110 CVE-2012-5616: Apache CloudStack information disclosure vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2013/Jan/65"
          },
          {
            "name": "89147",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/89147"
          },
          {
            "name": "57225",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/57225"
          },
          {
            "name": "[incubator-cloudstack-users] 20130110 CVE-2012-5616: Apache CloudStack information disclosure vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201301.mbox/%3C1BD2169F-BBFE-4E27-B50F-F17D7D08B565%40stratosec.co%3E"
          },
          {
            "name": "51821",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51821"
          },
          {
            "name": "57259",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/57259"
          },
          {
            "name": "89070",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/89070"
          },
          {
            "name": "51366",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51366"
          },
          {
            "name": "51827",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51827"
          },
          {
            "name": "1027978",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027978"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-01-10T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-03-30T09:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.citrix.com/article/CTX136163"
        },
        {
          "name": "89146",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/89146"
        },
        {
          "name": "20130110 CVE-2012-5616: Apache CloudStack information disclosure vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2013/Jan/65"
        },
        {
          "name": "89147",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/89147"
        },
        {
          "name": "57225",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/57225"
        },
        {
          "name": "[incubator-cloudstack-users] 20130110 CVE-2012-5616: Apache CloudStack information disclosure vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201301.mbox/%3C1BD2169F-BBFE-4E27-B50F-F17D7D08B565%40stratosec.co%3E"
        },
        {
          "name": "51821",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51821"
        },
        {
          "name": "57259",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/57259"
        },
        {
          "name": "89070",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/89070"
        },
        {
          "name": "51366",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51366"
        },
        {
          "name": "51827",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51827"
        },
        {
          "name": "1027978",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027978"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2012-5616",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://support.citrix.com/article/CTX136163",
              "refsource": "CONFIRM",
              "url": "http://support.citrix.com/article/CTX136163"
            },
            {
              "name": "89146",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/89146"
            },
            {
              "name": "20130110 CVE-2012-5616: Apache CloudStack information disclosure vulnerability",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2013/Jan/65"
            },
            {
              "name": "89147",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/89147"
            },
            {
              "name": "57225",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/57225"
            },
            {
              "name": "[incubator-cloudstack-users] 20130110 CVE-2012-5616: Apache CloudStack information disclosure vulnerability",
              "refsource": "MLIST",
              "url": "http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201301.mbox/%3C1BD2169F-BBFE-4E27-B50F-F17D7D08B565@stratosec.co%3E"
            },
            {
              "name": "51821",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51821"
            },
            {
              "name": "57259",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/57259"
            },
            {
              "name": "89070",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/89070"
            },
            {
              "name": "51366",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51366"
            },
            {
              "name": "51827",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51827"
            },
            {
              "name": "1027978",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1027978"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-5616",
    "datePublished": "2013-01-22T23:00:00",
    "dateReserved": "2012-10-24T00:00:00",
    "dateUpdated": "2024-08-06T21:14:16.356Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-5616\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-01-22T23:55:02.887\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API.\"},{\"lang\":\"es\",\"value\":\"CloudStack Apache v4.0.0-incubaci\u00f3n y Citrix CloudPlatform (anteriormente Citrix CloudStack ) anterior a v3.0.6 almacena informaci\u00f3n sensible en el archivo de registro log4j.conf, lo que permite a usuarios locales obtener (1) la clave privada SSH registradas por la API createSSHKeyPair, (2) la contrase\u00f1a de un host agregado registrada por la API AddHost, o la contrase\u00f1a de un VM a\u00f1adido seg\u00fan los registrado por el DeployVM (3) o (4) API ResetPasswordForVM.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:S/C:P/I:N/A:N\",\"baseScore\":1.5,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":2.7,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-255\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:cloudstack:4.0.0:incubating:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA46B1B9-FCD7-4F3D-88E6-95B1A5A0497C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:citrix:cloudplatform:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"3.0.5\",\"matchCriteriaId\":\"B7802906-7538-4434-B1F9-89C10ECE8A3E\"}]}]}],\"references\":[{\"url\":\"http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201301.mbox/%3C1BD2169F-BBFE-4E27-B50F-F17D7D08B565%40stratosec.co%3E\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://osvdb.org/89070\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://osvdb.org/89146\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://osvdb.org/89147\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://seclists.org/fulldisclosure/2013/Jan/65\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/51366\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/51821\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/51827\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://support.citrix.com/article/CTX136163\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/57225\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/57259\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securitytracker.com/id?1027978\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201301.mbox/%3C1BD2169F-BBFE-4E27-B50F-F17D7D08B565%40stratosec.co%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/89070\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/89146\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/89147\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2013/Jan/65\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/51366\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/51821\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/51827\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.citrix.com/article/CTX136163\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/57225\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/57259\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1027978\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.