Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-45693— Apache CloudStack: Request origin validation bypass makes account takeover possible

CVSS 8.0 · High EPSS 0.14% · P33
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-45693

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Apache CloudStack: Request origin validation bypass makes account takeover possible
Source: NVD (National Vulnerability Database)
Vulnerability Description
Users logged into the Apache CloudStack's web interface can be tricked to submit malicious CSRF requests due to missing validation of the origin of the requests. This can allow an attacker to gain privileges and access to resources of the authenticated users and may lead to account takeover, disruption, exposure of sensitive data and compromise integrity of the resources owned by the user account that are managed by the platform. This issue affects Apache CloudStack from 4.15.1.0 through 4.18.2.3 and 4.19.0.0 through 4.19.1.1 Users are recommended to upgrade to Apache CloudStack 4.18.2.4 or 4.19.1.2, or later, which addresses this issue.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨站请求伪造(CSRF)
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache CloudStack 跨站请求伪造漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache CloudStack是美国阿帕奇(Apache)基金会的一套基础架构即服务(IaaS)云计算平台。该平台主要用于部署和管理大型虚拟机网络。 Apache CloudStack 4.15.1.0到4.18.2.3版本和4.19.0.0到4.19.1.1版本存在跨站请求伪造漏洞,该漏洞源于缺少对请求来源的验证,可能导致登录用户被诱导提交恶意CSRF请求,从而使攻击者获得特权并访问已认证用户的资源。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Apache Software FoundationApache CloudStack 4.15.1.0 ~ 4.18.2.3 -

II. Public POCs for CVE-2024-45693

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2024-45693

登录查看更多情报信息。

Same Patch Batch · Apache Software Foundation · 2024-10-16 · 6 CVEs total

CVE-2024-452198.5 HIGHApache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-
CVE-2024-454626.3 MEDIUMApache CloudStack: Incomplete session invalidation on web interface logout
CVE-2024-454615.7 MEDIUMApache CloudStack Quota plugin: Access checks not enforced in Quota
CVE-2024-45217Apache Solr: ConfigSets created during a backup restore command are trusted implicitly
CVE-2024-45216Apache Solr: Authentication bypass possible using a fake URL Path ending

IV. Related Vulnerabilities

Same product: Apache CloudStack
Same vendor: Apache Software Foundation
Same weakness: CWE-352

V. Comments for CVE-2024-45693

No comments yet

Leave a comment