FKIE_CVE-2012-5616

Vulnerability from fkie_nvd - Published: 2013-01-22 23:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API.
References
secalert@redhat.comhttp://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201301.mbox/%3C1BD2169F-BBFE-4E27-B50F-F17D7D08B565%40stratosec.co%3E
secalert@redhat.comhttp://osvdb.org/89070
secalert@redhat.comhttp://osvdb.org/89146
secalert@redhat.comhttp://osvdb.org/89147
secalert@redhat.comhttp://seclists.org/fulldisclosure/2013/Jan/65
secalert@redhat.comhttp://secunia.com/advisories/51366
secalert@redhat.comhttp://secunia.com/advisories/51821
secalert@redhat.comhttp://secunia.com/advisories/51827
secalert@redhat.comhttp://support.citrix.com/article/CTX136163Vendor Advisory
secalert@redhat.comhttp://www.securityfocus.com/bid/57225
secalert@redhat.comhttp://www.securityfocus.com/bid/57259
secalert@redhat.comhttp://www.securitytracker.com/id?1027978
af854a3a-2127-422b-91ae-364da2661108http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201301.mbox/%3C1BD2169F-BBFE-4E27-B50F-F17D7D08B565%40stratosec.co%3E
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/89070
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/89146
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/89147
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2013/Jan/65
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/51366
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/51821
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/51827
af854a3a-2127-422b-91ae-364da2661108http://support.citrix.com/article/CTX136163Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/57225
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/57259
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1027978
Impacted products
Vendor Product Version
apache cloudstack 4.0.0
citrix cloudplatform *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:cloudstack:4.0.0:incubating:*:*:*:*:*:*",
              "matchCriteriaId": "EA46B1B9-FCD7-4F3D-88E6-95B1A5A0497C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:citrix:cloudplatform:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7802906-7538-4434-B1F9-89C10ECE8A3E",
              "versionEndIncluding": "3.0.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1) the SSH private key as recorded by the createSSHKeyPair API, (2) the password of an added host as recorded by the AddHost API, or the password of an added VM as recorded by the (3) DeployVM or (4) ResetPasswordForVM API."
    },
    {
      "lang": "es",
      "value": "CloudStack Apache v4.0.0-incubaci\u00f3n y Citrix CloudPlatform (anteriormente Citrix CloudStack ) anterior a v3.0.6 almacena informaci\u00f3n sensible en el archivo de registro log4j.conf, lo que permite a usuarios locales obtener (1) la clave privada SSH registradas por la API createSSHKeyPair, (2) la contrase\u00f1a de un host agregado registrada por la API AddHost, o la contrase\u00f1a de un VM a\u00f1adido seg\u00fan los registrado por el DeployVM (3) o (4) API ResetPasswordForVM."
    }
  ],
  "id": "CVE-2012-5616",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 1.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:M/Au:S/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 2.7,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-01-22T23:55:02.887",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201301.mbox/%3C1BD2169F-BBFE-4E27-B50F-F17D7D08B565%40stratosec.co%3E"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://osvdb.org/89070"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://osvdb.org/89146"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://osvdb.org/89147"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://seclists.org/fulldisclosure/2013/Jan/65"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/51366"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/51821"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/51827"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.citrix.com/article/CTX136163"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/57225"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/57259"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1027978"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://mail-archives.apache.org/mod_mbox/incubator-cloudstack-users/201301.mbox/%3C1BD2169F-BBFE-4E27-B50F-F17D7D08B565%40stratosec.co%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/89070"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/89146"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/89147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2013/Jan/65"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/51366"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/51821"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/51827"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.citrix.com/article/CTX136163"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/57225"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/57259"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1027978"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-255"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.