EUVD-2016-7702

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Security flaw in Apache CloudStack allowing API key reset for non-root users by malicious actors

Reporter	Title	Published	Views	Family All 6
CNVD	Apache CloudStack Authorization Bypass Vulnerability	2 Nov 201600:00	–	cnvd
CVE	CVE-2016-6813	6 Feb 201814:00	–	cve
Cvelist	CVE-2016-6813	6 Feb 201814:00	–	cvelist
NVD	CVE-2016-6813	6 Feb 201814:29	–	nvd
Prion	Design/Logic Flaw	6 Feb 201814:29	–	prion
Positive Technologies	PT-2018-4968 · Apache · Apache Cloudstack	6 Feb 201800:00	–	ptsecurity

[
  {
    "enisaIdVendor": [
      {
        "id": "93177884-5eec-31c9-97ba-e91d62072768",
        "vendor": {
          "name": "Apache Software Foundation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "144824d2-0eca-332f-8740-6f5d7cb882d6",
        "product": {
          "name": "Apache CloudStack"
        },
        "product_version": "4.1 to 4.8.1.0"
      },
      {
        "id": "39921703-e80c-33c3-8694-4eb31799c69a",
        "product": {
          "name": "Apache CloudStack"
        },
        "product_version": "4.9.0.0"
      }
    ]
  }
]

Source	Link
s	www.s.apache.org/qV5l
securityfocus	www.securityfocus.com/bid/93945
mail-archives	www.mail-archives.apache.org/mod_mbox/www-announce/201610.mbox/%3CCAJtfqCupOYQoNY2BNx86_zauses_MpmpiX8WciO_DEaWp6uNig@mail.gmail.com%3E
mail-archives	www.mail-archives.apache.org/mod_mbox/www-announce/201610.mbox/%3CCAJtfqCupOYQoNY2BNx86_zauses_MpmpiX8WciO_DEaWp6uNig%40mail.gmail.com%3E
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

9.2High risk

Vulners AI Score9.2

CVSS 3.19.8

CVSS 27.5

EPSS0.01502