Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 3:40 a.m.15 views

CVE-2024-45219

Account users in Apache CloudStack by default are allowed to upload and register templates for deploying instances and volumes for attaching them as data disks to their existing instances. Due to missing validation checks for KVM-compatible templates or volumes in CloudStack 4.0.0 through 4.18.2....

8.5CVSS8.7AI score0.01229EPSS
Exploits0References1
NVD
NVD
added 2024/10/16 8:15 a.m.32 views

CVE-2024-45219

Account users in Apache CloudStack by default are allowed to upload and register templates for deploying instances and volumes for attaching them as data disks to their existing instances. Due to missing validation checks for KVM-compatible templates or volumes in CloudStack 4.0.0 through 4.18.2....

8.5CVSS0.01229EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/10/16 7:55 a.m.16 views

CVE-2024-45219 Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure

Account users in Apache CloudStack by default are allowed to upload and register templates for deploying instances and volumes for attaching them as data disks to their existing instances. Due to missing validation checks for KVM-compatible templates or volumes in CloudStack 4.0.0 through 4.18.2....

8.5CVSS7.6AI score0.01229EPSS
Exploits0References3
CVE
CVE
added 2024/10/16 7:55 a.m.65 views

CVE-2024-45219

Apache CloudStack CVE-2024-45219 concerns a KVM-related vulnerability where default user uploads/registrations of templates and volumes can bypass validation for KVM-compatible disks. The issue spans CloudStack versions 4.0.0–4.18.2.3 and 4.19.0.0–4.19.1.1, allowing an attacker who can upload or ...

8.5CVSS8.8AI score0.01229EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder