3 matches found
CVE-2024-38346
creationtimestamp| type| source ---|---|--- 2024-07-05 16:40:36+00:00| seen| https://t.me/cvedetector/104 2024-07-09 10:08:51+00:00| seen| https://t.me/HackingInsights/5330...
CVE-2024-38346
CVE-2024-38346 affects Apache CloudStack’s cluster service that runs on an unauthenticated port (default 9090). The provided documents describe a code-injection vulnerability enabling remote code execution on targeted hypervisors and CloudStack management server hosts, potentially leading to comp...
CVE-2024-38346 Apache CloudStack: Unauthenticated cluster service port leads to remote execution
The CloudStack cluster service runs on unauthenticated port default 9090 that can be misused to run arbitrary commands on targeted hypervisors and CloudStack management server hosts. Some of these commands were found to have command injection vulnerabilities that can result in arbitrary code...