
CVE-2022-26779 – Apache CloudStack insecure random number generation affects project email invitation
https://notcve.org/view.php?id=CVE-2022-26779
15 Mar 2022 — Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens. If a project invite is created based only on an email address, a random token is generated. An attacker with knowledge of the project ID and the fact that the invite is sent, could generate time deterministic tokens and brute force attempt to use them prior to the legitimate receiver accepting the invite. This feature is not enabled by default, the attacker is required to know or guess the project ID fo... • http://www.openwall.com/lists/oss-security/2022/03/15/1 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •

CVE-2019-17562
https://notcve.org/view.php?id=CVE-2019-17562
14 May 2020 — A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to 4.13.1. The vulnerability is due to the lack of validation of the mac parameter in baremetal virtual router. If you insert an arbitrary shell command into the mac parameter, v-router will process the command. For example: Normal: http://{GW}:10086/baremetal/provisiondone/{mac}, Abnormal: http://{GW}:10086/baremetal/provisiondone/#';whoami;#. • https://lists.apache.org/thread.html/rcbaafc6ae1f32e8f1e5987c243a26faf83c5172348ee7c17a54ea7f9%40%3Cusers.cloudstack.apache.org%3E • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2016-6813
https://notcve.org/view.php?id=CVE-2016-6813
06 Feb 2018 — Apache CloudStack 4.1 to 4.8.1.0 and 4.9.0.0 contain an API call designed to allow a user to register for the developer API. If a malicious user is able to determine the ID of another (non-"root") CloudStack user, the malicious user may be able to reset the API keys for the other user, in turn accessing their account and resources. • http://mail-archives.apache.org/mod_mbox/www-announce/201610.mbox/%3CCAJtfqCupOYQoNY2BNx86_zauses_MpmpiX8WciO_DEaWp6uNig%40mail.gmail.com%3E •

CVE-2013-4317
https://notcve.org/view.php?id=CVE-2013-4317
06 Feb 2018 — In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their own. • http://seclists.org/oss-sec/2018/q1/1 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2016-3085 – Apache CloudStack 4.5.0 Authentication Bypass
https://notcve.org/view.php?id=CVE-2016-3085
09 Jun 2016 — Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x before 4.7.1.1, and 4.8.x before 4.8.0.1, when SAML-based authentication is enabled and used, allow remote attackers to bypass authentication and access the user interface via vectors related to the SAML plugin. • http://packetstormsecurity.com/files/137390/Apache-CloudStack-4.5.0-Authentication-Bypass.html • CWE-254: 7PK - Security Features • CWE-287: Improper Authentication •

CVE-2015-3251 – Apache CloudStack 4.4.4 / 4.5.1 VM Credential Exposure
https://notcve.org/view.php?id=CVE-2015-3251
06 Feb 2016 — Apache CloudStack before 4.5.2 might allow remote authenticated administrators to obtain sensitive password information for root accounts of virtual machines via unspecified vectors related to API calls. Apache CloudStack provides an API for managing netwo... • http://mail-archives.apache.org/mod_mbox/cloudstack-users/201602.mbox/%3C94DD4CB4-F718-4F79-A934-3D677E497114%40gmail.com%3E • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2015-3252 – Apache CloudStack 4.4.4 / 4.5.1 VNC Authentication Issue
https://notcve.org/view.php?id=CVE-2015-3252
06 Feb 2016 — Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote attackers to gain access by connecting to the VNC server. Apache CloudStack sets a VNC password unique to each KVM virtual machine under management. Upon migrating a... • http://mail-archives.apache.org/mod_mbox/cloudstack-users/201602.mbox/%3C7508580E-3D83-49FD-BE6E-B329B0503130%40gmail.com%3E • CWE-255: Credentials Management Errors •

CVE-2014-9593
https://notcve.org/view.php?id=CVE-2014-9593
15 Jan 2015 — Apache CloudStack before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to obtain private keys via a listSslCerts API call. • http://docs.cloudstack.apache.org/projects/cloudstack-release-notes/en/4.3.2/about.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVE-2014-7807 – Apache CloudStack 4.3 / 4.4 Unauthenticated LDAP Binds
https://notcve.org/view.php?id=CVE-2014-7807
09 Dec 2014 — Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authentication via a login request without a password, which triggers an unauthenticated bind. Apache CloudStack may be configured to authenticate LDAP users. When so configured, it performs a sim... • http://support.citrix.com/article/CTX200285 • CWE-287: Improper Authentication •

CVE-2013-6398 – CloudStack Virtual Router Access Leak
https://notcve.org/view.php?id=CVE-2013-6398
11 Jan 2014 — The virtual router in Apache CloudStack before 4.2.1 does not preserve the source restrictions in firewall rules after being restarted, which allows remote attackers to bypass intended restrictions via a request. Apache CloudStack versions 4.1.0, 4.1.1, and 4.2.0 h... • http://secunia.com/advisories/55960 • CWE-264: Permissions, Privileges, and Access Controls •