Apache CloudStack Network ACL Information Disclosure Vulnerability
CVE-2014-0031

Currently unrated

Key Information:

Vendor

Apache
Status
Cloudstack
Vendor
CVE Published:
15 January 2014

What is CVE-2014-0031?

The Apache CloudStack software allows remote authenticated users to exploit a vulnerability in the ListNetworkACL and listNetworkACLLists APIs. This can lead to unauthorized access, enabling these users to list network ACLs belonging to other users through crafted requests. The issue impacts versions prior to 4.2.1, highlighting the importance of updating to secure configurations to prevent potential information disclosures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/55960
third-party-advisoryx_refsource_SECUNIA
https://blogs.apache.org/cloudstack/entry/cve_2014_0031_c...
x_refsource_CONFIRM
https://issues.apache.org/jira/browse/CLOUDSTACK-5145
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.