Apache Cloudstack Vulnerabilities

Access Control Issue in Apache CloudStack Affects User Comments

CVE-2025-22828

ApacheApache Cloudstack👾🟡

Unexpected Session Expiration Vulnerability Affects CloudStack Users

CVE-2024-45462

Apache CloudStackCloudstack7.1HIGH

Attackers Can Trick Users into Submitting Malicious CSRF Requests, Leading to Privilege Escalation and Data Exposure

CVE-2024-45693

Apache CloudStackCloudstack8.8HIGH

Insecure Quota Configuration in CloudStack Allowing Unauthorized Access to Quota-Related Data and Configurations

CVE-2024-45461

Apache CloudStackCloudstack6.3MEDIUM

Understanding the Recent Access Permission Validation Vulnerability in CloudStack

CVE-2024-42062

ApacheApache Cloudstack7.2HIGH

Unauthorized Access to Network Details in CloudStack 4.19.1.0

CVE-2024-42222

ApacheApache Cloudstack4.3MEDIUM

SAML Authentication Vulnerability in CloudStack Environments

CVE-2024-41107

ApacheApache Cloudstack👾🟡EPSS 79%📰8.1HIGH

CloudStack Cluster Service Vulnerable to Command Injection Attacks

CVE-2024-38346

ApacheApache Cloudstack📰9.8CRITICAL

Unauthorized Access to CloudStack Management Network Could Lead to Compromise of Infrastructure

CVE-2024-39864

ApacheApache Cloudstack📰9.8CRITICAL

Attacker can exploit feature to attach host devices and gain access to underlying infrastructure

CVE-2024-29008

ApacheApache Cloudstack

Apache CloudStack SAML Single Sign-On XXE

CVE-2022-35741

ApacheApache Cloudstack9.8CRITICAL

Apache Cloudstack insecure random number generation affects project email invitation

CVE-2022-26779

ApacheApache Cloudstack7.5HIGH

CVE-2019-17562

ApacheApache Cloudstack9.8CRITICAL

CVE-2016-6813

ApacheApache Cloudstack9.8CRITICAL

CVE-2013-4317

ApacheApache Cloudstack4.3MEDIUM

CVE-2016-3085

ApacheCloudstack6.5MEDIUM

CVE-2015-3251

ApacheCloudstack4.9MEDIUM

CVE-2015-3252

ApacheCloudstack9.8CRITICAL

Apache Cloudstack Vulnerabilities

Vulnerability Published:

Sort By:

13 January 2025

Access Control Issue in Apache CloudStack Affects User Comments

16 October 2024

Unexpected Session Expiration Vulnerability Affects CloudStack Users

Attackers Can Trick Users into Submitting Malicious CSRF Requests, Leading to Privilege Escalation and Data Exposure

Insecure Quota Configuration in CloudStack Allowing Unauthorized Access to Quota-Related Data and Configurations

7 August 2024

Understanding the Recent Access Permission Validation Vulnerability in CloudStack

Unauthorized Access to Network Details in CloudStack 4.19.1.0

19 July 2024

SAML Authentication Vulnerability in CloudStack Environments

5 July 2024

CloudStack Cluster Service Vulnerable to Command Injection Attacks

Unauthorized Access to CloudStack Management Network Could Lead to Compromise of Infrastructure

4 April 2024

Attacker can exploit feature to attach host devices and gain access to underlying infrastructure

18 July 2022

Apache CloudStack SAML Single Sign-On XXE

15 March 2022

Apache Cloudstack insecure random number generation affects project email invitation

14 May 2020

6 February 2018

10 June 2016

8 February 2016

15 January 2015

10 December 2014

23 May 2014

15 January 2014

19 August 2013