Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:43 a.m.10 views

CVE-2022-26779

Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens. If a project invite is created based only on an email address, a random token is generated. An attacker with knowledge of the project ID and the fact that the invite is sent, could generate...

7.5CVSS6.7AI score0.02806EPSS
Exploits1References1
Circl
Circl
added 2022/03/15 7:19 p.m.7 views

CVE-2022-26779

creationtimestamp| type| source ---|---|--- 2022-03-15 19:19:47+00:00| seen| https://t.me/cibsecurity/38952...

7.5CVSS7.3AI score0.02806EPSS
Exploits1References1
NVD
NVD
added 2022/03/15 4:15 p.m.29 views

CVE-2022-26779

Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens. If a project invite is created based only on an email address, a random token is generated. An attacker with knowledge of the project ID and the fact that the invite is sent, could generate...

7.5CVSS0.02806EPSS
Exploits1References3
OSV
OSV
added 2022/03/15 3:40 p.m.18 views

CVE-2022-26779 Apache Cloudstack insecure random number generation affects project email invitation

Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens. If a project invite is created based only on an email address, a random token is generated. An attacker with knowledge of the project ID and the fact that the invite is sent, could generate...

7.5CVSS7.1AI score0.02806EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/03/15 3:40 p.m.25 views

CVE-2022-26779 Apache Cloudstack insecure random number generation affects project email invitation

Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens. If a project invite is created based only on an email address, a random token is generated. An attacker with knowledge of the project ID and the fact that the invite is sent, could generate...

7.6AI score0.02806EPSS
Exploits1References3
CVE
CVE
added 2022/03/15 3:40 p.m.124 views

CVE-2022-26779

CVE-2022-26779 (Apache CloudStack) affects CloudStack versions prior to 4.16.1.0, where project invitation tokens were generated with insecure randomness when an invite is created based on an email address. The root cause is the insecure RNG, enabling an attacker who knows the project ID and that...

7.5CVSS7.4AI score0.02806EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder