CVE-2014-5036

{"id": "CVE-2014-5036", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 1.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-09-05T14:55:03.553", "references": [{"url": "http://secunia.com/advisories/60359", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/60712", "source": "cve@mitre.org"}, {"url": "https://www.eucalyptus.com/resources/security/advisories/esa-23", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The Storage Controller (SC) component in Eucalyptus 3.4.2 through 4.0.x before 4.0.1, when Dell Equallogic SAN is used, logs the CHAP user credentials, which allows local users to obtain sensitive information by reading the logs."}, {"lang": "es", "value": "El componente Storage Controller (SC) en Eucalyptus 3.4.2 hasta 4.0.x anterior a 4.0.1, cuando se utiliza Dell Equallogic SAN, registra las credenciales del usuarios CHAP, lo que permite a usuarios locales obtener informaci\u00f3n sensible mediante la lectura de los registros."}], "lastModified": "2014-09-08T14:32:10.377", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0E3EDA2-578C-458C-9C70-0E107AFB3509"}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:3.4.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75C8E8B6-0324-4622-A362-8F118E0FD682"}, {"criteria": "cpe:2.3:a:eucalyptus:eucalyptus:4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5215E04-773F-49E3-83C3-C00B65484674"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}