Every CVE whose affected-product data names Apache Cloudstack, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (45)
CVE-2012-4501 — CVSS 10.0 (critical): Citrix Cloud.com CloudStack, and Apache CloudStack pre-release, allows remote attackers to make arbitrary API calls by leveraging the…
CVE-2016-6813 — CVSS 9.8 (critical): Apache CloudStack 4.1 to 4.8.1.0 and 4.9.0.0 contain an API call designed to allow a user to register for the developer API. If a malicious…
CVE-2024-39864 — CVSS 9.8 (critical): The CloudStack integration API service allows running its unauthenticated API server (usually on port 8096 when configured and enabled via…
CVE-2024-38346 — CVSS 9.8 (critical): The CloudStack cluster service runs on unauthenticated port (default 9090) that can be misused to run arbitrary commands on targeted…
CVE-2024-29006 — CVSS 9.8 (critical): By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it as the source IP of an API request. This…
CVE-2015-3252 — CVSS 9.8 (critical): Apache CloudStack before 4.5.2 does not properly preserve VNC passwords when migrating KVM virtual machines, which allows remote attackers…
CVE-2022-35741 — CVSS 9.8 (critical): Apache CloudStack version 4.5.0 and later has a SAML 2.0 authentication Service Provider plugin which is found to be vulnerable to XML…
CVE-2019-17562 — CVSS 9.8 (critical): A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to…
CVE-2026-25199 — CVSS 9.1 (critical): Instances deployed via the Proxmox extension allow unauthorized access to instances belonging to other tenants. This issue affects Apache…
CVE-2026-25077 — CVSS 8.8 (high): Account users are allowed by default to register templates to be downloaded directly to the primary storage for deploying instances using…
CVE-2025-47849 — CVSS 8.8 (high): A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in…
CVE-2025-47713 — CVSS 8.8 (high): A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in…
CVE-2024-50386 — CVSS 8.5 (high): Account users in Apache CloudStack by default are allowed to register templates to be downloaded directly to the primary storage for…
CVE-2024-45219 — CVSS 8.5 (high): Account users in Apache CloudStack by default are allowed to upload and register templates for deploying instances and volumes for…
CVE-2024-41107 — CVSS 8.1 (high): The CloudStack SAML authentication (disabled by default) does not enforce signature check. In CloudStack environments where SAML…
CVE-2025-26521 — CVSS 8.1 (high): When an Apache CloudStack user-account creates a CKS-based Kubernetes cluster in a project, the API key and the secret key of the…
CVE-2025-66172 — CVSS 8.1 (high): The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access…
CVE-2025-66467 — CVSS 8.0 (high): Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned…
CVE-2024-45693 — CVSS 8.0 (high): Users logged into the Apache CloudStack's web interface can be tricked to submit malicious CSRF requests due to missing validation of the…
CVE-2022-26779 — CVSS 7.5 (high): Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens. If a project invite is created…
CVE-2024-29007 — CVSS 7.3 (high): The CloudStack management server and secondary storage VM could be tricked into making requests to restricted or random resources by means…
CVE-2024-42062 — CVSS 7.2 (high): CloudStack account-users by default use username and password based authentication for API and UI access. Account-users can generate and…
CVE-2025-66171 — CVSS 6.5 (medium): The CloudStack Backup plugin has an improper access logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account access…
CVE-2016-3085 — CVSS 6.5 (medium): Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x before 4.7.1.1, and 4.8.x before 4.8.0.1, when SAML-based…
CVE-2025-69233 — CVSS 6.5 (medium): Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations…
CVE-2025-66170 — CVSS 6.5 (medium): The CloudStack Backup plugin has an improper authorization logic in versions 4.21.0.0 and 4.22.0.0. Anyone with authenticated user-account…
CVE-2024-29008 — CVSS 6.4 (medium): A problem has been identified in the CloudStack additional VM configuration (extraconfig) feature which can be misused by anyone who has…
CVE-2024-45462 — CVSS 6.3 (medium): The logout operation in the CloudStack web interface does not expire the user session completely which is valid until expiry by time or…
CVE-2024-45461 — CVSS 5.7 (medium): The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit system for cloud resources, and is disabled by…
CVE-2013-2756 — CVSS 5.0 (medium): Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C allows remote…
CVE-2014-9593 — CVSS 5.0 (medium): Apache CloudStack before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to obtain private keys via a listSslCerts API call.
CVE-2014-7807 — CVSS 5.0 (medium): Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authentication via a login request without a…
CVE-2013-2758 — CVSS 5.0 (medium): Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C uses a hash of a…
CVE-2015-3251 — CVSS 4.9 (medium): Apache CloudStack before 4.5.2 might allow remote authenticated administrators to obtain sensitive password information for root accounts…
CVE-2025-59302 — CVSS 4.7 (medium): In Apache CloudStack improper control of generation of code ('Code Injection') vulnerability is found in the following APIs which are…
CVE-2025-30675 — CVSS 4.7 (medium): In Apache CloudStack, a flaw in access control affects the listTemplates and listIsos APIs. A malicious Domain Admin or Resource Admin can…
CVE-2025-59454 — CVSS 4.3 (medium): In Apache CloudStack, a gap in access control checks affected the APIs - createNetworkACL - listNetworkACLs - listResourceDetails -…
CVE-2025-22829 — CVSS 4.3 (medium): The CloudStack Quota plugin has an improper privilege management logic in version 4.20.0.0. Anyone with authenticated user-account access…
CVE-2025-22828 — CVSS 4.3 (medium): CloudStack users can add and read comments (annotations) on resources they are authorised to access. Due to an access validation issue that…
CVE-2013-2136 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Apache CloudStack before 4.1.1 allow remote attackers to inject arbitrary web script…
CVE-2013-4317 — CVSS 4.3 (medium): In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the…
CVE-2024-42222 — CVSS 4.3 (medium): In Apache CloudStack 4.19.1.0, a regression in the network listing API allows unauthorised list access of network details for domain admin…
CVE-2014-0031 — CVSS 4.0 (medium): The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache CloudStack before 4.2.1 allow remote authenticated users to list network…
CVE-2013-6398 — CVSS 2.8 (low): The virtual router in Apache CloudStack before 4.2.1 does not preserve the source restrictions in firewall rules after being restarted…
CVE-2012-5616 — CVSS 1.5 (low): Apache CloudStack 4.0.0-incubating and Citrix CloudPlatform (formerly Citrix CloudStack) before 3.0.6 stores sensitive information in the…