Skip to main content

Cloudplatform

4 CVEs product

Monthly

CVE-2013-2758 MEDIUM PATCH This Month

Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C uses a hash of a predictable sequence, which makes it easier for remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Citrix Information Disclosure Apache Cloudstack Cloudplatform
NVD
CVSS 2.0
5.0
EPSS
2.8%
CVE-2013-2757 HIGH PATCH This Week

Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C does not properly restrict access to VNC ports on the management network, which allows remote attackers to have. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Citrix Privilege Escalation Cloudplatform
NVD
CVSS 2.0
7.5
EPSS
1.9%
CVE-2013-2756 MEDIUM PATCH This Month

Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C allows remote attackers to bypass the console proxy authentication by leveraging. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Apache Citrix Authentication Bypass Cloudstack Cloudplatform
NVD
CVSS 2.0
5.0
EPSS
3.1%
CVE-2012-5616 LOW Monitor

Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1). Rated low severity (CVSS 1.5). No vendor patch available.

Citrix Apache Authentication Bypass Cloudstack Cloudplatform
NVD
CVSS 2.0
1.5
EPSS
0.1%
EPSS 3% CVSS 5.0
MEDIUM PATCH This Month

Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C uses a hash of a predictable sequence, which makes it easier for remote attackers. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Citrix Information Disclosure Apache +2
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C does not properly restrict access to VNC ports on the management network, which allows remote attackers to have. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity.

Citrix Privilege Escalation Cloudplatform
NVD
EPSS 3% CVSS 5.0
MEDIUM PATCH This Month

Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C allows remote attackers to bypass the console proxy authentication by leveraging. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Apache Citrix Authentication Bypass +2
NVD
EPSS 0% CVSS 1.5
LOW Monitor

Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the log4j.conf log file, which allows local users to obtain (1). Rated low severity (CVSS 1.5). No vendor patch available.

Citrix Apache Authentication Bypass +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy