Cloudstack@4.1.1 Security Vulnerabilities and Issues — Cloudstack@4.1.1 CVE List

Lucene search

ApacheCloudstack4.1.1

3 matches found

CVE•added 2014/01/15 4:8 p.m.•38 views

CVE-2014-0031

The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache CloudStack before 4.2.1 allow remote authenticated users to list network ACLS for other users via a crafted request.

4CVSS6.4AI score0.00323EPSS

CVE•added 2018/02/06 2:29 p.m.•37 views

CVE-2013-4317

In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their own.

4.3CVSS4.5AI score0.00459EPSS

CVE•added 2014/01/15 4:8 p.m.•31 views

CVE-2013-6398

The virtual router in Apache CloudStack before 4.2.1 does not preserve the source restrictions in firewall rules after being restarted, which allows remote attackers to bypass intended restrictions via a request.

2.8CVSS6.7AI score0.00989EPSS