CNNVD-202506-1562 Information
CNNVD ID
CNNVD-202506-1562
Related CVE
- CNNVD Published: 2025-06-10
Description (Chinese)
Apache CloudStack是美国阿帕奇(Apache)基金会的一套基础架构即服务(IaaS)云计算平台。该平台主要用于部署和管理大型虚拟机网络。 Apache CloudStack 4.10.0.0至4.20.0.0版本存在安全漏洞,该漏洞源于权限分配不当,可能导致权限提升。
Description (English)
Apache CloudStack is a basic infrastructure of the Apache Foundation in the United States, i.e., the Iaas cloud computing platform. The platform is used primarily for the deployment and management of a large virtual network. There is a security loophole in Appache CloudStack versions 4.10.0.0 to 4.20.0.0, which stems from the misallocation of competences, which may lead to increased competencies.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2025-06-10
Last Modified
2026-02-24
References
https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-19-3-0-and-4-20-1-0/ https://cloudstack.apache.org/blog/cve-advisories-4.19.3.0-4.20.1.0/ https://lists.apache.org/thread/y3qnwn59t8qggtdohv7k7vw39bgb3d60 https://nvd.nist.gov/vuln/detail/CVE-2025-47713 https://access.redhat.com/security/cve/cve-2025-47713
Patch
https://cloudstack.apache.org/downloads/
Share on: