CVE-2014-9593

CWE-200Information Exposure3 documents3 sources
Severity
5.0MEDIUM
EPSS
2.7%
top 14.12%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Apache Cloudstack
Timeline
PublishedJan 15
Latest updateMay 17

Description

Apache CloudStack before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to obtain private keys via a listSslCerts API call.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDapache/cloudstack4.3.1+2

🔴Vulnerability Details

2
GHSA
GHSA-2gw9-fcg7-wj2g: Apache CloudStack before 42022-05-17
CVEList
CVE-2014-9593: Apache CloudStack before 42015-01-15
CVE-2014-9593 (MEDIUM CVSS 5) | Apache CloudStack before 4.3.2 and | cvebase.io