The virtual router in Apache CloudStack prior to 4.2.1 does not preserve the source restrictions in firewall rules after being restarted, which allows remote malicious users to bypass intended restrictions via a request.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
apache cloudstack 4.1.1 |
||
apache cloudstack 2.1.2 |
||
apache cloudstack 2.1.3 |
||
apache cloudstack 2.1.4 |
||
apache cloudstack 2.2.1 |
||
apache cloudstack 2.2.11 |
||
apache cloudstack 2.2.6 |
||
apache cloudstack 2.2.7 |
||
apache cloudstack 4.0.1 |
||
apache cloudstack 4.0.2 |
||
apache cloudstack 4.1.0 |
||
apache cloudstack |
||
apache cloudstack 2.0 |
||
apache cloudstack 2.1.5 |
||
apache cloudstack 2.1.6 |
||
apache cloudstack 2.2.12 |
||
apache cloudstack 2.2.13 |
||
apache cloudstack 2.2.8 |
||
apache cloudstack 2.2.9 |
||
apache cloudstack 2.0.1 |
||
apache cloudstack 2.1.0 |
||
apache cloudstack 2.1.7 |
||
apache cloudstack 2.1.8 |
||
apache cloudstack 2.2.14 |
||
apache cloudstack 2.2.2 |
||
apache cloudstack 3.0.0 |
||
apache cloudstack 3.0.1 |
||
apache cloudstack 2.1.1 |
||
apache cloudstack 2.1.10 |
||
apache cloudstack 2.1.9 |
||
apache cloudstack 2.2.0 |
||
apache cloudstack 2.2.3 |
||
apache cloudstack 2.2.5 |
||
apache cloudstack 3.0.2 |
||
apache cloudstack 4.0.0 |
Vulmon