Remote code execution in Apache CloudStack



Risk High
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2024-50386
CWE-ID CWE-269
Exploitation vector Network
Public exploit N/A
Vulnerable software
 Apache CloudStack
Server applications / Other server solutions

Vendor Apache Foundation

Security Bulletin

This security bulletin contains one high risk vulnerability.

1) Improper privilege management

EUVDB-ID: #VU100517

Risk: High

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:U/U:Amber]

CVE-ID: CVE-2024-50386

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a remote user to compromise the affected system.

The vulnerability exists due the application allows users to register templates to be downloaded directly to the primary storage for deploying instances however does not perform validation checks for KVM-compatible templates. A remote user who can register such templates can use them to deploy malicious instances on KVM-based environments and exploit this to gain access to the host filesystems.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Apache CloudStack: 4.0.2 - 4.19.1.2

CPE2.3 External links

https://cloudstack.apache.org/blog/security-release-advisory-4.18.2.5-4.19.1.3
https://lists.apache.org/thread/d0x83c2cyglzzdw8csbop7mj7h83z95y
https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-18-2-5-and-4-19-1-3/


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###