CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6861

HPE Helion Eucalyptus 3.4.0 through 4.2.0 allows remote authenticated users to bypass an intended AssumeRole permission requirement and assume an IAM role by leveraging a policy setting for a user's account.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.5%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 4.6

References

Products affected by CVE-2015-6861

Eucalyptus » Eucalyptus » Version: 3.4.0

cpe:2.3:a:eucalyptus:eucalyptus:3.4.0
Eucalyptus » Eucalyptus » Version: 3.4.1

cpe:2.3:a:eucalyptus:eucalyptus:3.4.1
Eucalyptus » Eucalyptus » Version: 3.4.2

cpe:2.3:a:eucalyptus:eucalyptus:3.4.2
Eucalyptus » Eucalyptus » Version: 3.4.3

cpe:2.3:a:eucalyptus:eucalyptus:3.4.3
Eucalyptus » Eucalyptus » Version: 4.0.0

cpe:2.3:a:eucalyptus:eucalyptus:4.0.0
Eucalyptus » Eucalyptus » Version: 4.0.1

cpe:2.3:a:eucalyptus:eucalyptus:4.0.1
Eucalyptus » Eucalyptus » Version: 4.0.2

cpe:2.3:a:eucalyptus:eucalyptus:4.0.2
Eucalyptus » Eucalyptus » Version: 4.1.0

cpe:2.3:a:eucalyptus:eucalyptus:4.1.0
Eucalyptus » Eucalyptus » Version: 4.1.1

cpe:2.3:a:eucalyptus:eucalyptus:4.1.1
Eucalyptus » Eucalyptus » Version: 4.1.2

cpe:2.3:a:eucalyptus:eucalyptus:4.1.2
Eucalyptus » Eucalyptus » Version: 4.2.0

cpe:2.3:a:eucalyptus:eucalyptus:4.2.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-6861

Products

Pricing

Contact Us