Apache CloudStack is an Infrastructure-as-a-Service (IaaS) cloud computing platform from the Apache Foundation. The platform is primarily used to deploy and manage large networks of virtual machines.A security feature issue vulnerability exists in versions of Apache CloudStack prior to 4.16.1.0, which stems from Apache CloudStack’s insecure random number generation affecting project email invitations. An attacker could exploit the vulnerability to attackers into tokens with temporal certainty and use these tokens before a legitimate recipient accepts the invitation.
CPE | Name | Operator | Version |
---|---|---|---|
apache apache cloudstack <4. | eq | 16.1.0 |