cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-22828,https://securityvulnerability.io/vulnerability/CVE-2025-22828,Access Control Issue in Apache CloudStack Affects User Comments,"An access validation flaw in Apache CloudStack allows users to add and read comments on resources they are authorized to access. This issue affects versions starting from 4.16.0, and attackers with username and access privileges, as well as knowledge of resource UUIDs, can exploit it. While it's difficult to enumerate resource UUIDs, the potential risk lies in the confidentiality of information stored within comments. The ability to insert or read annotations could lead to unauthorized exposure of sensitive data. Administrators are advised to restrict API access for non-admin roles as a precautionary measure.",Apache,Apache Cloudstack,,,0.0004299999854993075,false,,false,false,true,2025-01-31T04:26:38.000Z,true,false,false,,2025-01-13T12:47:51.619Z,66
CVE-2024-42062,https://securityvulnerability.io/vulnerability/CVE-2024-42062,Understanding the Recent Access Permission Validation Vulnerability in CloudStack,"A significant access permission validation flaw has been identified in Apache CloudStack, allowing domain admin accounts to access API and secret keys generated by all registered account users, including that of root admin accounts. This vulnerability exists in Apache CloudStack versions ranging from 4.10.0 to 4.19.1.0. An attacker leveraging this weakness can escalate their privileges, potentially resulting in unauthorized access, data loss, denial of service, and threats to the overall integrity and confidentiality of the cloud-managed infrastructure. The recommended course of action is immediate upgrading to versions 4.18.2.3 or 4.19.1.1 and the regeneration of all API and secret keys.",Apache,Apache Cloudstack,7.2,HIGH,0.002520000096410513,false,,false,false,false,,,false,false,,2024-08-07T07:17:08.811Z,0
CVE-2024-42222,https://securityvulnerability.io/vulnerability/CVE-2024-42222,Unauthorized Access to Network Details in CloudStack 4.19.1.0,"In Apache CloudStack 4.19.1.0, a regression in the network listing API allows unauthorised list access of network details for domain admin and normal user accounts. This vulnerability compromises tenant isolation, potentially leading to unauthorised access to network details, configurations and data. Affected users are advised to upgrade to version 4.19.1.1 to address this issue. Users on older versions of CloudStack considering to upgrade, can skip 4.19.1.0 and upgrade directly to 4.19.1.1.",Apache,Apache Cloudstack,4.3,MEDIUM,0.000859999970998615,false,,false,false,false,,,false,false,,2024-08-07T07:16:13.765Z,0
CVE-2024-41107,https://securityvulnerability.io/vulnerability/CVE-2024-41107,SAML Authentication Vulnerability in CloudStack Environments,"CVE-2024-41107 is a SAML authentication vulnerability that affects Apache CloudStack environments. The vulnerability allows attackers to bypass SAML authentication and gain unauthorized access to user accounts and control over cloud resources. It is recommended for affected users to disable the SAML authentication plugin or upgrade to the patched versions 4.18.2.2 or 4.19.1.0. An exploit for this vulnerability has been developed, highlighting the critical nature of the issue. The BSI has issued a security advisory for Apache CloudStack, recommending users to keep their systems up to date and install security updates as soon as they are available. The exploit poses a medium risk for affected systems and can potentially lead to the bypassing of security measures.",Apache,Apache Cloudstack,8.1,HIGH,0.7969300150871277,false,,true,false,true,2024-07-24T16:34:18.000Z,,false,false,,2024-07-19T10:19:53.995Z,0
CVE-2024-38346,https://securityvulnerability.io/vulnerability/CVE-2024-38346,CloudStack Cluster Service Vulnerable to Command Injection Attacks,"The Apache CloudStack management server is affected by a significant security vulnerability that allows attackers to exploit an unauthenticated port (default 9090) to execute arbitrary commands. This vulnerability stems from command injection issues within the CloudStack cluster service, which can lead to remote code execution on compromised hypervisors and management hosts, potentially impacting the overall security and operation of the CloudStack managed infrastructure. To mitigate risks, it is essential to restrict access to the cluster service port and apply the recommended software updates to versions 4.18.2.1 or 4.19.0.2 or later.",Apache,Apache Cloudstack,9.8,CRITICAL,0.0022700000554323196,false,,true,false,false,,,false,false,,2024-07-05T13:40:57.246Z,0
CVE-2024-39864,https://securityvulnerability.io/vulnerability/CVE-2024-39864,Unauthorized Access to CloudStack Management Network Could Lead to Compromise of Infrastructure,"The Apache CloudStack integration API service has a flaw that allows the unauthenticated API server to run on a random port when the configuration incorrectly sets the integration.api.port to 0. This exposes the service to potential attacks by unauthorized users who can access the management network. An attacker can scan for the random port and exploit this vulnerability, leading to unauthorized administrative actions and the possibility of remote code execution on CloudStack managed hosts. This can severely jeopardize the confidentiality, integrity, and availability of the entire managed infrastructure. It is crucial to ensure proper network restrictions and upgrade to version 4.18.2.1, 4.19.0.2 or later to mitigate this risk.",Apache,Apache Cloudstack,9.8,CRITICAL,0.0022700000554323196,false,,true,false,false,,,false,false,,2024-07-05T13:40:37.937Z,0
CVE-2024-29008,https://securityvulnerability.io/vulnerability/CVE-2024-29008,Attacker can exploit feature to attach host devices and gain access to underlying infrastructure,"A problem has been identified in the CloudStack additional VM configuration (extraconfig) feature which can be misused by anyone who has privilege to deploy a VM instance or configure settings of an already deployed VM instance, to configure additional VM configuration even when the feature is not explicitly enabled by the administrator. In a KVM based CloudStack environment, an attacker can exploit this issue to attach host devices such as storage disks, and PCI and USB devices such as network adapters and GPUs, in a regular VM instance that can be further exploited to gain access to the underlying network and storage infrastructure resources, and access any VM instance disks on the local storage. Users are advised to upgrade to version 4.18.1.1 or 4.19.0.1, which fixes this issue. ",Apache,Apache Cloudstack,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-04T08:15:00.000Z,0
CVE-2022-35741,https://securityvulnerability.io/vulnerability/CVE-2022-35741,Apache CloudStack SAML Single Sign-On XXE,"Apache CloudStack version 4.5.0 and later has a SAML 2.0 authentication Service Provider plugin which is found to be vulnerable to XML external entity (XXE) injection. This plugin is not enabled by default and the attacker would require that this plugin be enabled to exploit the vulnerability. When the SAML 2.0 plugin is enabled in affected versions of Apache CloudStack could potentially allow the exploitation of XXE vulnerabilities. The SAML 2.0 messages constructed during the authentication flow in Apache CloudStack are XML-based and the XML data is parsed by various standard libraries that are now understood to be vulnerable to XXE injection attacks such as arbitrary file reading, possible denial of service, server-side request forgery (SSRF) on the CloudStack management server.",Apache,Apache Cloudstack,9.8,CRITICAL,0.0017500000540167093,false,,false,false,false,,,false,false,,2022-07-18T14:30:14.000Z,0
CVE-2022-26779,https://securityvulnerability.io/vulnerability/CVE-2022-26779,Apache Cloudstack insecure random number generation affects project email invitation,"Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens. If a project invite is created based only on an email address, a random token is generated. An attacker with knowledge of the project ID and the fact that the invite is sent, could generate time deterministic tokens and brute force attempt to use them prior to the legitimate receiver accepting the invite. This feature is not enabled by default, the attacker is required to know or guess the project ID for the invite in addition to the invitation token, and the attacker would need to be an existing authorized user of CloudStack.",Apache,Apache Cloudstack,7.5,HIGH,0.0022700000554323196,false,,false,false,false,,,false,false,,2022-03-15T15:40:11.000Z,0
CVE-2019-17562,https://securityvulnerability.io/vulnerability/CVE-2019-17562,,"A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to 4.13.1. The vulnerability is due to the lack of validation of the mac parameter in baremetal virtual router. If you insert an arbitrary shell command into the mac parameter, v-router will process the command. For example: Normal: http://{GW}:10086/baremetal/provisiondone/{mac}, Abnormal: http://{GW}:10086/baremetal/provisiondone/#';whoami;#. Mitigation of this issue is an upgrade to Apache CloudStack 4.13.1.0 or beyond.",Apache,Apache Cloudstack,9.8,CRITICAL,0.004189999774098396,false,,false,false,false,,,false,false,,2020-05-14T16:14:55.000Z,0
CVE-2016-6813,https://securityvulnerability.io/vulnerability/CVE-2016-6813,,"Apache CloudStack 4.1 to 4.8.1.0 and 4.9.0.0 contain an API call designed to allow a user to register for the developer API. If a malicious user is able to determine the ID of another (non-""root"") CloudStack user, the malicious user may be able to reset the API keys for the other user, in turn accessing their account and resources.",Apache,Apache Cloudstack,9.8,CRITICAL,0.0029700000304728746,false,,false,false,false,,,false,false,,2018-02-06T14:29:00.000Z,0
CVE-2013-4317,https://securityvulnerability.io/vulnerability/CVE-2013-4317,,"In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their own.",Apache,Apache Cloudstack,4.3,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2018-02-06T14:29:00.000Z,0