8 matches found
CVE-2026-25199
Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxmox extension for CloudStack improperly uses a user-editable instance setting, proxmoxvmid, to associate...
EUVD-2026-28550
Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxmox extension for CloudStack improperly uses a user-editable instance setting, proxmoxvmid, to associate...
CVE-2026-25199
Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxmox extension for CloudStack improperly uses a user-editable instance setting, proxmoxvmid, to associate...
CVE-2026-25199 Apache CloudStack: Proxmox Extension Allows Unauthorized Cross-Tenant Instance Access
Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxmox extension for CloudStack improperly uses a user-editable instance setting, proxmoxvmid, to associate...
CVE-2026-25199 Apache CloudStack: Proxmox Extension Allows Unauthorized Cross-Tenant Instance Access
Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache CloudStack: from 4.21.0.0 through 4.22.0.0. The Proxmox extension for CloudStack improperly uses a user-editable instance setting, proxmoxvmid, to associate...
CVE-2026-25199
The CVE describes a vulnerability in the Proxmox extension for Apache CloudStack (affecting 4.21.0.0–4.22.0.0) where the user-editable proxmox_vmid setting is not validated against tenant ownership. An unauthenticated attacker can modify proxmox_vmid to reference a VM owned by another account, gr...
Apache CloudStack 信息泄露漏洞
Apache CloudStack is an IaaS cloud computing platform developed by the Apache Foundation in the United States. This platform is primarily used for deploying and managing large-scale virtual machine networks. Versions 4.21.0.0 to 4.22.0.0 of Apache CloudStack contained a vulnerability related to...
PT-2026-38919
Name of the Vulnerable Software and Affected Versions Apache CloudStack versions 4.21.0.0 through 4.22.0.0 Description Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. The Proxmox extension improperly uses a user-editable instance...