CNNVD-202511-2940 Information
CNNVD ID
CNNVD-202511-2940
Related CVE
- CNNVD Published: 2025-11-27
Description (Chinese)
Apache CloudStack是美国阿帕奇(Apache)基金会的一套基础架构即服务(IaaS)云计算平台。该平台主要用于部署和管理大型虚拟机网络。 Apache CloudStack存在安全漏洞,该漏洞源于访问控制检查不足,可能导致用户访问超出预期范围的信息。
Description (English)
Apache CloudStack is a basic infrastructure of the Apache Foundation in the United States, i.e., the Iaas cloud computing platform. The platform is used primarily for the deployment and management of a large virtual network. There is a security loophole in Apache CloudStack, which stems from inadequate access control checks, which may lead users to access information beyond expectations.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2025-11-27
Last Modified
2026-02-24
References
https://lists.apache.org/thread/0hlklvlwhzsfw39nocmyxb6svjbs9xbc http://www.openwall.com/lists/oss-security/2025/11/27/3 https://access.redhat.com/security/cve/cve-2025-59454
Patch
https://cloudstack.apache.org/
Share on: