CVE-2013-4766
Eucalyptus Unauthorized Access to CC/NC Log Files
EPSS 0.25%
Description
The gather log service in Eucalyptus before 3.3.1 allows remote attackers to read log files via an unspecified request to the (1) Cluster Controller (CC) or (2) Node Controller (NC) component.
How to fix CVE-2013-4766
To remediate CVE-2013-4766, upgrade the affected package to a fixed version below.
- Maven/org.jclouds.api:eucalyptus—upgrade to 3.3.1 or later
Is CVE-2013-4766 being exploited?
Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 3.3.1