CVE-2010-3905

N/A Unknown

Published: December 22, 2010 Modified: April 29, 2026

Description

The password reset feature in the administrator interface for Eucalyptus 2.0.0 and 2.0.1 does not perform authentication, which allows remote attackers to gain privileges by sending password reset requests for other users.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://open.eucalyptus.com/wiki/esa-01

Source: security@ubuntu.com

http://secunia.com/advisories/42632

Source: security@ubuntu.com

Vendor Advisory

http://secunia.com/advisories/42666

Source: security@ubuntu.com

Vendor Advisory

http://www.securityfocus.com/bid/45462

Source: security@ubuntu.com

http://www.ubuntu.com/usn/USN-1033-1

Source: security@ubuntu.com

http://www.vupen.com/english/advisories/2010/3259

Source: security@ubuntu.com

Vendor Advisory

http://www.vupen.com/english/advisories/2010/3260

Source: security@ubuntu.com

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/64167

Source: security@ubuntu.com

http://open.eucalyptus.com/wiki/esa-01