CVE-2024-29006: Authentication Bypass by Spoofing in Apache CloudStack

Severity: 9.8 CRITICAL (NVD)
EPSS: 0.1% (top 78.12%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Apr 4

Description

By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it as the source IP of an API request. This could lead to authentication bypass and other operational problems should an attacker decide to spoof their IP address this way. Users are recommended to upgrade to CloudStack version 4.18.1.1 or 4.19.0.1, which fixes this issue.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (2 packages)

NVD: apache/cloudstack, 4.11.0.0 to 4.18.1.1 (+1)
CVEListV5: apache_software_foundation/apache_cloudstack, 4.11.0.0 to 4.18.1.0 (+1)

Vulnerability Details (2)

GHSA: GHSA-w59w-35q3-vcg7: By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it as the source IP of an API request (2024-04-04)
CVEList: Apache CloudStack: x-forwarded-for HTTP header parsed by default (2024-04-04)
CVE-2024-29006 — Authentication Bypass by Spoofing | cvebase