The password reset feature in the administrator interface for Eucalyptus 2.0.0 and 2.0.1 does not perform authentication, which allows remote attackers to gain privileges by sending password reset requests for other users.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: canonical
Published:
Updated: 2024-08-07T03:26:12.270Z
Reserved: 2010-10-12T00:00:00
Link: CVE-2010-3905

No data.

Status : Deferred
Published: 2010-12-22T21:00:15.957
Modified: 2025-04-11T00:51:21.963
Link: CVE-2010-3905

No data.