
389 matches found

Vulnrichment
added 2025/06/10 11:8 p.m. · 8 views

CVE-2025-26521 Apache CloudStack: CKS cluster in project exposes user API keys

When an Apache CloudStack user-account creates a CKS-based Kubernetes cluster in a project, the API key and the secret key of the 'kubeadmin' user of the caller account are used to create the secret config in the CKS-based Kubernetes cluster. A member of the project who can access the CKS-based...

7.1 AI score · 0.00583 EPSS
Exploits: 0 · References: 3

Vulnrichment
added 2025/06/10 11:7 p.m. · 3 views

CVE-2025-47849 Apache CloudStack: Insecure access of user's API/Secret Keys in the same domain

A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can get the API key and secret key of user-accounts of Admin role type in the same domain. This operation is not appropriately restricted and...

7.5 AI score · 0.00488 EPSS
Exploits: 0 · References: 3

CVE
added 2025/06/10 11:7 p.m. · 91 views

CVE-2025-47849

CVE-2025-47849 (Apache CloudStack) : Privilege escalation affects CloudStack versions 4.10.0.0 through 4.20.0.0. A malicious Domain Admin in the ROOT domain can obtain the API key and secret key of Admin-role accounts in the same domain, enabling impersonation and access to sensitive APIs and res...

8.8 CVSS · 6.9 AI score · 0.00488 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

Cvelist
added 2025/06/10 11:7 p.m. · 21 views

CVE-2025-47849 Apache CloudStack: Insecure access of user's API/Secret Keys in the same domain

A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can get the API key and secret key of user-accounts of Admin role type in the same domain. This operation is not appropriately restricted and...

0.00488 EPSS
Exploits: 0 · References: 3

Cvelist
added 2025/06/10 11:6 p.m. · 19 views

CVE-2025-47713 Apache CloudStack: Domain Admin can reset Admin password in Root Domain

A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can reset the password of user-accounts of Admin role type. This operation is not appropriately restricted and allows the attacker to assume...

0.00488 EPSS
Exploits: 0 · References: 3

Vulnrichment
added 2025/06/10 11:6 p.m. · 7 views

CVE-2025-47713 Apache CloudStack: Domain Admin can reset Admin password in Root Domain

A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can reset the password of user-accounts of Admin role type. This operation is not appropriately restricted and allows the attacker to assume...

7.7 AI score · 0.00488 EPSS
Exploits: 0 · References: 3

CVE
added 2025/06/10 11:6 p.m. · 80 views

CVE-2025-47713

Apache CloudStack

8.8 CVSS · 7.1 AI score · 0.00488 EPSS
Exploits: 0 · References: 3 · Affected Software: 1

CNNVD
added 2025/06/10 12:0 a.m. · 1 view

Apache CloudStack Security Vulnerability

Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. An authorization issue vulnerability exists in Apache CloudStack...

8.8 CVSS · 6.8 AI score · 0.00488 EPSS
Exploits: 0 · References: 5

CNNVD
added 2025/06/10 12:0 a.m. · 3 views

Apache CloudStack Security Vulnerability

Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack has a security vulnerability that can be exploited ...

8.8 CVSS · 6.8 AI score · 0.00488 EPSS
Exploits: 0 · References: 5

CNNVD
added 2025/06/10 12:0 a.m. · 1 view

Apache CloudStack Information Disclosure Vulnerability

Apache CloudStack is a suite of Infrastructure-as-a-Service IaaS cloud computing platforms from the Apache USA Foundation. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack suffers from an information disclosure vulnerability that stems from...

4.7 CVSS · 6 AI score · 0.00568 EPSS
Exploits: 0 · References: 5

CNNVD
added 2025/06/10 12:0 a.m. · 2 views

Apache CloudStack Security Vulnerability

Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack has a security vulnerability that can be exploited ...

4.3 CVSS · 6.8 AI score · 0.00676 EPSS
Exploits: 0 · References: 5

Positive Technologies
added 2025/06/10 12:0 a.m. · 3 views

PT-2025-25168 · Apache · Apache Cloudstack

Name of the Vulnerable Software and Affected Versions: Apache CloudStack versions prior to 4.19.3.0 Apache CloudStack versions prior to 4.20.1.0 Description: A flaw in access control affects the "listTemplates" and "listIsos" APIs. A malicious Domain Admin or Resource Admin can exploit this issue...

6.5 CVSS · 6.3 AI score · 0.00568 EPSS
Exploits: 0 · References: 8

Positive Technologies
added 2025/06/10 12:0 a.m. · 2 views

PT-2025-25170 · Apache · Apache Cloudstack

Name of the Vulnerable Software and Affected Versions: Apache CloudStack versions 4.10.0.0 through 4.20.0.0 Description: A privilege escalation issue exists where a malicious Domain Admin user in the ROOT domain can reset the password of user-accounts of Admin role type, allowing the attacker to...

9 CVSS · 6.7 AI score · 0.00488 EPSS
Exploits: 0 · References: 9

Positive Technologies
added 2025/06/10 12:0 a.m. · 6 views

PT-2025-25171 · Apache · Apache Cloudstack

Name of the Vulnerable Software and Affected Versions: Apache CloudStack versions 4.10.0.0 through 4.20.0.0 Description: A privilege escalation issue exists where a malicious Domain Admin user in the ROOT domain can obtain the API key and secret key of user-accounts of Admin role type in the same...

8.8 CVSS · 6.8 AI score · 0.00488 EPSS
Exploits: 0 · References: 7

CNNVD
added 2025/06/10 12:0 a.m. · 2 views

Apache CloudStack Information Disclosure Vulnerability

Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack suffers from an information disclosure vulnerabilit...

8.1 CVSS · 6.5 AI score · 0.00583 EPSS
Exploits: 0 · References: 5

Positive Technologies
added 2025/06/10 12:0 a.m. · 2 views

PT-2025-25167 · Apache · Apache Cloudstack

Name of the Vulnerable Software and Affected Versions: Apache CloudStack versions prior to 4.19.3.0 Apache CloudStack versions prior to 4.20.1.0 Description: The issue allows a member of a project to access the API key and secret key of the 'kubeadmin' user of the CKS cluster's creator's account,...

8.5 CVSS · 9.3 AI score · 0.00583 EPSS
Exploits: 0 · References: 7

Positive Technologies
added 2025/06/10 12:0 a.m. · 2 views

PT-2025-25166 · Unknown · Cloudstack

Name of the Vulnerable Software and Affected Versions: CloudStack version 4.20.0.0 Description: The CloudStack Quota plugin has an improper privilege management logic. Anyone with authenticated user-account access in CloudStack environments where this plugin is enabled can enable or disable...

4.3 CVSS · 6.4 AI score · 0.00676 EPSS
Exploits: 0 · References: 8

RedhatCVE
added 2025/05/23 11:59 a.m. · 18 views

CVE-2025-22828

CloudStack users can add and read comments annotations on resources they are authorised to access. Due to an access validation issue that affects Apache CloudStack versions from 4.16.0, users who have access, prior access or knowledge of resource UUIDs can list and add comments annotations to suc...

4.3 CVSS · 6.7 AI score · 0.01912 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 10:8 a.m. · 6 views

CVE-2024-29008

A problem has been identified in the CloudStack additional VM configuration extraconfig feature which can be misused by anyone who has privilege to deploy a VM instance or configure settings of an already deployed VM instance, to configure additional VM configuration even when the feature is not...

6.4 CVSS · 6.9 AI score · 0.00619 EPSS
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 10:7 a.m. · 5 views

CVE-2024-29006

By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it as the source IP of an API request. This could lead to authentication bypass and other operational problems should an attacker decide to spoof their IP address this way. Users are recommended to upgrad...

9.8 CVSS · 7.2 AI score · 0.00874 EPSS
Exploits: 0 · References: 1