High severity8.8NVD Advisory· Published Feb 15, 2018· Updated Jun 17, 2026
CVE-2016-8520
CVE-2016-8520
Description
HPE Helion Eucalyptus v4.3.0 and earlier does not correctly check IAM user's permissions for accessing versioned objects and ACLs. In some cases, authenticated users with S3 permissions could also access versioned data.
Affected products
2- Range: <=4.3.0
- Hewlett Packard Enterprise/Helion Eucalyptusv5Range: v4.3.0 and earlier
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/95369nvdThird Party AdvisoryVDB Entry
- support.hpe.com/hpsc/doc/public/displaynvdVendor Advisory
News mentions
0No linked articles in our index yet.