CVE-2013-6398

CWE-2643 documents3 sources
Severity
2.8LOW
EPSS
1.0%
top 23.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Cloudstack
Timeline
PublishedJan 15
Latest updateMay 17

Description

The virtual router in Apache CloudStack before 4.2.1 does not preserve the source restrictions in firewall rules after being restarted, which allows remote attackers to bypass intended restrictions via a request.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 5.5 | Impact: 2.9

Affected Packages1 packages

NVDapache/cloudstack4.2.0+34

🔴Vulnerability Details

2
GHSA
GHSA-rrmx-vjgx-hhhm: The virtual router in Apache CloudStack before 42022-05-17
CVEList
CVE-2013-6398: The virtual router in Apache CloudStack before 42014-01-14
CVE-2013-6398 (LOW CVSS 2.8) | The virtual router in Apache CloudS | cvebase.io