ZStack 代码问题漏洞

ZStack is an open source IaaS Infrastructure as a Service software designed to automate data centers and manage compute, storage, and network resources through APIs. Zstack suffers from a code issue vulnerability that stems from a pre-authentication insecure deserialization vulnerability in the...

CVE-2021-32829

ZStack is open source IaaSinfrastructure as a service software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. Affected versions of ZStack REST API are vulnerable to post-authentication Remote Code Execution RCE via bypass of the Groovy shell...

CVE-2021-32829

ZStack is open source IaaSinfrastructure as a service software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. Affected versions of ZStack REST API are vulnerable to post-authentication Remote Code Execution RCE via bypass of the Groovy shell...

Design/Logic Flaw

ZStack is open source IaaSinfrastructure as a service software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. Affected versions of ZStack REST API are vulnerable to post-authentication Remote Code Execution RCE via bypass of the Groovy shell...

CVE-2021-32829

ZStack REST API is affected by a post-authentication Remote Code Execution (RCE) vulnerability via bypass of the Groovy sandbox. The GET zstack/v1/batch-queries?script endpoint processes a Groovy script through APIBatchQueryMsg.script, evaluated in BatchQuery.query, with sandboxing applied by San...

CVE-2021-32829 Post-authentication Remote Code Execution (RCE) in ZStack REST API

ZStack is open source IaaSinfrastructure as a service software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs. Affected versions of ZStack REST API are vulnerable to post-authentication Remote Code Execution RCE via bypass of the Groovy shell...

PT-2021-19960 · Zstack · Z-Stack

Name of the Vulnerable Software and Affected Versions: ZStack versions prior to 3.8.21 ZStack versions prior to 3.10.8 ZStack versions prior to 4.1.0 Description: ZStack is open source IaaS software aiming to automate datacenters, managing resources of compute, storage, and networking all by APIs...

ZStack 代码注入漏洞

ZStack is an open source IaaS Infrastructure as a Service software designed to automate data centers and manage compute, storage, and network resources through APIs. ZStack suffers from a code injection vulnerability that can be exploited by an attacker to remotely execute code...

Information leakage vulnerability in Zstack Clound of Shanghai Cloud Axis Information Technology Co.

The business scope of Shanghai Cloud Axis Information Technology Co., Ltd. includes: engaging in information technology, network technology in the field of technology development, technical services, technology transfer, technology consulting and so on. Shanghai Cloud Axis Information Technology...

CVE-2020-27892

The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Discover Commands Received Response message or a ZCL Discover Commands Generated Response message. It crashes in zclParseInDiscCmdsRspCmd...

Unauthorized Access Vulnerability in ZStack Cloud Platform

ZStack cloud platform for Yanbian Agricultural and Commercial Bank through the "management node HA + storage dual-activity" solution to achieve high-availability architecture, to create an elastic, stable private cloud platform, showing excellent agile delivery capabilities. There is an...