Credential Exposure in Apache CloudStack Administrators
CVE-2015-3251

4.9MEDIUM

Key Information:

Vendor: Apache
Status: Cloudstack
Vendor: CVE Published:; 8 February 2016

Summary

Apache CloudStack prior to version 4.5.2 may permit remote authenticated administrators to unintentionally access sensitive password information for root accounts of virtual machines through unspecified vector related to API interactions. This vulnerability can pose significant security risks, potentially allowing unauthorized access to critical systems.