3 matches found
EUVD-2025-199819
In Apache CloudStack, a gap in access control checks affected the APIs - createNetworkACL - listNetworkACLs - listResourceDetails - listVirtualMachinesUsageHistory - listVolumesUsageHistory While these APIs were accessible only to authorized users, insufficient permission validation meant that...
CVE-2025-59454 Apache CloudStack: Lack of user permission validation leading to data leak for few APIs
In Apache CloudStack, a gap in access control checks affected the APIs - createNetworkACL - listNetworkACLs - listResourceDetails - listVirtualMachinesUsageHistory - listVolumesUsageHistory While these APIs were accessible only to authorized users, insufficient permission validation meant that...
PT-2025-48265
Name of the Vulnerable Software and Affected Versions Apache CloudStack versions prior to 4.20.2.0 Apache CloudStack versions prior to 4.22.0.0 Description A flaw in access control checks within Apache CloudStack allowed authorized users to potentially access information beyond their intended...