CVE-2026-25199
The CVE describes a vulnerability in the Proxmox extension for Apache CloudStack (affecting 4.21.0.0–4.22.0.0) where the user-editable proxmox_vmid setting is not validated against tenant ownership. An unauthenticated attacker can modify proxmox_vmid to reference a VM owned by another account, gr...
CVE-2026-25199 Apache CloudStack: Proxmox Extension Allows Unauthorized Cross-Tenant Instance Access
Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxmox extension for CloudStack improperly uses a user-editable instance setting, proxmoxvmid, to associate...
CVE-2026-25077
CVE-2026-25077 affects Apache CloudStack with KVM deployments. Due to missing file name sanitization, account users can register templates for direct download to primary storage, enabling an attacker to execute arbitrary code on KVM hosts. This can compromise resource integrity and confidentialit...
CVE-2026-25077 Apache CloudStack: Unauthenticated Command Injection in Direct Download Templates
Account users are allowed by default to register templates to be downloaded directly to the primary storage for deploying instances using the KVM hypervisor. Due to missing file name sanitization, an attacker can register malicious templates to execute arbitrary code on the KVM hosts. This can...
CVE-2025-69233 Apache CloudStack: Domain/account resources limits not honored
Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limits configured for their accounts/domains. This can be used by an attacker to degrade the...
CVE-2025-69233
CVE-2025-69233 affects Apache CloudStack and describes time-of-check/time-of-use race conditions in the resource count check and increment logic, along with missing validations, that allow users to exceed allocation limits for accounts/domains. This can enable an attacker to degrade infrastructur...
CVE-2025-66467 Apache CloudStack: MinIO policy remains intact on bucket deletion
Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another user creates a new bucket with the same name, the previous owners can gain unauthorized read and write access to it by using the previously...
CVE-2025-66467
CVE-2025-66467 affects Apache CloudStack in scenarios where MinIO policy cleanup is not performed on bucket deletion. The issue allows previous bucket owners to retain access to buckets they formerly owned: if another user creates a bucket with the same name, those prior owners can gain unauthori...
CVE-2025-66172
The CVE pertains to CloudStack’s Backup plugin, affected in versions 4.21.0.0 to 4.22.0.0, where improper access logic allows any authenticated user in a CloudStack 4.21.0.0+ environment (with the plugin enabled and API access) to restore a volume from another user’s backups and attach it to thei...
CVE-2025-66172 Apache CloudStack: Any user can attach a volume in their VMs from backups they should not have access to
The CloudStack Backup plugin has improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments where this plugin is enabled, and who has access to specific APIs, can restore a volume from any other user's backups and...
CVE-2025-66171 Apache CloudStack: Any user can create a new VM from backups they should not have access to
The CloudStack Backup plugin has improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access in CloudStack 4.21.0.0+ environments where this plugin is enabled, and who has access to specific APIs, can create new VMs using backups of any other user of the...
CVE-2025-66171
CVE-2025-66171 affects the CloudStack Backup plugin in CloudStack 4.21.0.0 and 4.22.0.0, where improper access logic allows any authenticated user with access to specific APIs to create new VMs using backups belonging to other users. Public docs from NVD/CVE and EUVD (ENISA) reiterate upgrade g...