CVE-2013-4766: Exposure of Sensitive Information to an Unauthorized Actor

May 17, 2022 (updated August 29, 2023)

The gather log service in Eucalyptus before 3.3.1 allows remote attackers to read log files via an unspecified request to the (1) Cluster Controller (CC) or (2) Node Controller (NC) component.

References

www.eucalyptus.com/resources/security/advisories/esa-13
github.com/advisories/GHSA-f5hm-h272-2qwm
nvd.nist.gov/vuln/detail/CVE-2013-4766

Code Behaviors & Features

Detect and mitigate CVE-2013-4766 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →