7.4 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
19.3%
ZStack Cloud version 3.10.38 and before allows unauthenticated API access to the list of active job UUIDs and the session ID for each of these. This leads to privilege escalation.
github.com/zstackio/zstack/security/advisories/GHSA-w2rv-x3pp-h67q