Apache CloudStack prior to 4.3.2 and 4.4.x prior to 4.4.2 allows remote malicious users to obtain private keys via a listSslCerts API call.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache cloudstack |
||
apache cloudstack 4.4.1 |
||
apache cloudstack 4.4.0 |