Skip to main content

Zstack

2 CVEs product

Monthly

CVE-2023-46326 HIGH POC This Week

ZStack Cloud version 3.10.38 and before allows unauthenticated API access to the list of active job UUIDs and the session ID for each of these. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Zstack
NVD GitHub
CVSS 3.1
8.8
EPSS
0.7%
CVE-2021-32836 HIGH POC This Week

ZStack is open source IaaS(infrastructure as a service) software. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Deserialization RCE Denial Of Service Code Injection Zstack
NVD GitHub
CVSS 3.1
8.1
EPSS
2.0%
EPSS 1% CVSS 8.8
HIGH POC This Week

ZStack Cloud version 3.10.38 and before allows unauthenticated API access to the list of active job UUIDs and the session ID for each of these. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Zstack
NVD GitHub
EPSS 2% CVSS 8.1
HIGH POC This Week

ZStack is open source IaaS(infrastructure as a service) software. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Deserialization RCE Denial Of Service +2
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy