Red Hat Bugzilla – Bug 952858
CVE-2013-2296 eucalyptus: Missing Authorization Vulnerability in Walrus
Last modified: 2016-11-07 22:47:00 EST
A flaw was
identified in the way Walrus checks authorization for some operations
on buckets. As a result, an authenticated user does not require
authorization to enable logging and versioning on buckets and
could potentially get access to activity logs for that bucket.
Not affected. This flaw does not affect the jclouds Eucalyptus API as shipped with JBoss Fuse 6.0.0 and Fuse ESB Enterprise 7.1.0.
Created eucalyptus tracking bugs for this issue
Affects: fedora-all [bug 953355]