Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

389 matches found

seebug.org
seebug.orgadded 2013/01/14 12:0 a.m.32 views

Apache CloudStack本地信息泄露漏洞

BUGTRAQ ID: 57259 CVECAN ID: CVE-2012-5616 Apache CloudStack是部署和管理大型虚拟机网络的开源软件。 Apache CloudStack 4.0.0-incubating及其他版本存在安全漏洞,本地用户可利用此漏洞泄露敏感信息。 1) createSSHKeyPair API命令内存在错误,此命令将新建的SSH密钥存储在日志文件中,可造成密钥泄露。 2)AddHost API呼叫将某些信息记录在日志文件内,可造成泄露已添加主机的密码。 3)DeployVM和ResetPasswordForVM...

1.5CVSS6.5AI score0.00566EPSS
Exploits1
NVD
NVDadded 2012/10/26 10:39 a.m.19 views

CVE-2012-4501

Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs...

10CVSS6.8AI score0.07771EPSS
Exploits0References3
Prion
Prionadded 2012/10/26 10:39 a.m.14 views

Code injection

Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs...

10CVSS7.4AI score0.07771EPSS
Exploits0References3
CVE
CVEadded 2012/10/26 10:0 a.m.47 views

CVE-2012-4501

Summary of CVE-2012-4501 (CloudStack/Apache CloudStack) : A configuration vulnerability in development versions of CloudStack/OpenStack incubated CloudStack allowed an attacker to issue arbitrary API calls by abusing the system user account, including deleting VMs. The issue affected CloudStack c...

10CVSS7AI score0.07771EPSS
Exploits0References3Affected Software2
Cvelist
Cvelistadded 2012/10/26 10:0 a.m.25 views

CVE-2012-4501

Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the system user account, as demonstrated by API calls to delete VMs...

6.8AI score0.07771EPSS
Exploits0References3
securityvulns
securityvulnsadded 2012/10/15 12:0 a.m.58 views

[CVE-2012-4501] CloudStack configuration vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 CVE-2012-4501: Apache CloudStack configuration vulnerability Severity: Critical Vendors: The Apache Software Foundation Citrix, Inc. Versions Affected: As no official releases have been made, this does not affect any official Apache CloudStack...

10CVSS1.2AI score0.07771EPSS
Exploits0
securityvulns
securityvulnsadded 2012/10/15 12:0 a.m.30 views

Apache Cloudstack default account

Default account with known password...

10CVSS3.3AI score0.07771EPSS
Exploits0References1
The Hacker News
The Hacker Newsadded 2012/10/09 8:44 p.m.11 views

CVE-2012-4501 : Critical vulnerability warned in Cloudstack

Citrix and the Apache Software Foundation have alerted users to a critical vulnerability in the CloudStack open source cloud infrastructure management software. The vulnerability affects all versions of Cloudstack prior to October 7, including the Citrix commercial version. Vulnerability could...

10CVSS7.5AI score0.07771EPSS
Exploits0
ThreatPost
ThreatPostadded 2012/10/09 5:36 p.m.8 views

Critical Flaw Reported in CloudStack

The Apache Software Foundation is warning users about a configuration problem in the open-source CloudStack platform that could allow an attacker to take a number of unwanted actions, including deleting all of the virtual machines on a system. CloudStack is a project that’s under incubation at th...

2.8AI score
Exploits0References3
Rows per page
Query Builder