{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-42062", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2024-07-29T11:57:03.344Z", "datePublished": "2024-08-07T07:17:08.811Z", "dateUpdated": "2024-09-03T19:58:27.161Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache CloudStack", "vendor": "Apache Software Foundation", "versions": [{"lessThanOrEqual": "4.18.2.2", "status": "affected", "version": "4.10.0", "versionType": "semver"}, {"lessThanOrEqual": "4.19.1.0", "status": "affected", "version": "4.19.0.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Fabricio Duarte"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "CloudStack account-users by default use username and password based authentication for API and UI access. Account-users can<span style=\"background-color: rgb(255, 255, 255);\">&nbsp;generate and register randomised API and secret keys and use them for the purpose of API-based automation and integrations.&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">Due to an access permission validation issue that affects Apache CloudStack versions 4.10.0 up to 4.19.1.0, domain admin accounts were found to be able to query all registered account-users API and secret keys in an environment, including that of a root admin.&nbsp;</span>An attacker who has domain admin access can exploit this to gain root admin and other-account privileges and perform malicious operations that can result in compromise of resources integrity and confidentiality, data loss,&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">denial of service</span>&nbsp;and availability of CloudStack managed infrastructure.<br><br>Users are recommended to upgrade to Apache CloudStack 4.18.2.3 or 4.19.1.1, or later, which addresses this issue.&nbsp;Additionally, all account-user API and secret keys should be regenerated.<br>"}], "value": "CloudStack account-users by default use username and password based authentication for API and UI access. Account-users can\u00a0generate and register randomised API and secret keys and use them for the purpose of API-based automation and integrations.\u00a0Due to an access permission validation issue that affects Apache CloudStack versions 4.10.0 up to 4.19.1.0, domain admin accounts were found to be able to query all registered account-users API and secret keys in an environment, including that of a root admin.\u00a0An attacker who has domain admin access can exploit this to gain root admin and other-account privileges and perform malicious operations that can result in compromise of resources integrity and confidentiality, data loss,\u00a0denial of service\u00a0and availability of CloudStack managed infrastructure.\n\nUsers are recommended to upgrade to Apache CloudStack 4.18.2.3 or 4.19.1.1, or later, which addresses this issue.\u00a0Additionally, all account-user API and secret keys should be regenerated."}], "metrics": [{"other": {"content": {"text": "critical"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-08-19T13:44:08.239Z"}, "references": [{"tags": ["vendor-advisory", "patch"], "url": "https://cloudstack.apache.org/blog/security-release-advisory-4.19.1.1-4.18.2.3"}, {"tags": ["mailing-list"], "url": "https://lists.apache.org/thread/lxqtfd6407prbw3801hb4fz3ot3t8wlj"}, {"tags": ["third-party-advisory"], "url": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-18-2-3-and-4-19-1-1/"}], "source": {"discovery": "UNKNOWN"}, "title": "Apache CloudStack: User Key Exposure to Domain Admins", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/08/06/5"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:03:17.884Z"}}, {"affected": [{"vendor": "apache", "product": "cloudstack", "cpes": ["cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "4.19.0.0", "status": "affected", "lessThanOrEqual": "4.19.1.0", "versionType": "semver"}, {"version": "4.10.0.0", "status": "affected", "lessThanOrEqual": "4.18.2.2", "versionType": "semver"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-08-07T18:16:06.919266Z", "id": "CVE-2024-42062", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-03T19:58:27.161Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/08/06/5"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:03:17.884Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-42062", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-07T18:16:06.919266Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*"], "vendor": "apache", "product": "cloudstack", "versions": [{"status": "affected", "version": "4.19.0.0", "versionType": "semver", "lessThanOrEqual": "4.19.1.0"}, {"status": "affected", "version": "4.10.0.0", "versionType": "semver", "lessThanOrEqual": "4.18.2.2"}], "defaultStatus": "unaffected"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-07T18:16:41.518Z"}}], "cna": {"title": "Apache CloudStack: User Key Exposure to Domain Admins", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Fabricio Duarte"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "critical"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache CloudStack", "versions": [{"status": "affected", "version": "4.10.0", "versionType": "semver", "lessThanOrEqual": "4.18.2.2"}, {"status": "affected", "version": "4.19.0.0", "versionType": "semver", "lessThanOrEqual": "4.19.1.0"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://cloudstack.apache.org/blog/security-release-advisory-4.19.1.1-4.18.2.3", "tags": ["vendor-advisory", "patch"]}, {"url": "https://lists.apache.org/thread/lxqtfd6407prbw3801hb4fz3ot3t8wlj", "tags": ["mailing-list"]}, {"url": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-18-2-3-and-4-19-1-1/", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "CloudStack account-users by default use username and password based authentication for API and UI access. Account-users can\u00a0generate and register randomised API and secret keys and use them for the purpose of API-based automation and integrations.\u00a0Due to an access permission validation issue that affects Apache CloudStack versions 4.10.0 up to 4.19.1.0, domain admin accounts were found to be able to query all registered account-users API and secret keys in an environment, including that of a root admin.\u00a0An attacker who has domain admin access can exploit this to gain root admin and other-account privileges and perform malicious operations that can result in compromise of resources integrity and confidentiality, data loss,\u00a0denial of service\u00a0and availability of CloudStack managed infrastructure.\n\nUsers are recommended to upgrade to Apache CloudStack 4.18.2.3 or 4.19.1.1, or later, which addresses this issue.\u00a0Additionally, all account-user API and secret keys should be regenerated.", "supportingMedia": [{"type": "text/html", "value": "CloudStack account-users by default use username and password based authentication for API and UI access. Account-users can<span style=\"background-color: rgb(255, 255, 255);\">&nbsp;generate and register randomised API and secret keys and use them for the purpose of API-based automation and integrations.&nbsp;</span><span style=\"background-color: rgb(255, 255, 255);\">Due to an access permission validation issue that affects Apache CloudStack versions 4.10.0 up to 4.19.1.0, domain admin accounts were found to be able to query all registered account-users API and secret keys in an environment, including that of a root admin.&nbsp;</span>An attacker who has domain admin access can exploit this to gain root admin and other-account privileges and perform malicious operations that can result in compromise of resources integrity and confidentiality, data loss,&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">denial of service</span>&nbsp;and availability of CloudStack managed infrastructure.<br><br>Users are recommended to upgrade to Apache CloudStack 4.18.2.3 or 4.19.1.1, or later, which addresses this issue.&nbsp;Additionally, all account-user API and secret keys should be regenerated.<br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-08-19T13:44:08.239Z"}}}, "cveMetadata": {"cveId": "CVE-2024-42062", "state": "PUBLISHED", "dateUpdated": "2024-09-03T19:58:27.161Z", "dateReserved": "2024-07-29T11:57:03.344Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2024-08-07T07:17:08.811Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*", "matchCriteriaId": "73701203-F488-4963-8CF6-B5C9577958FA", "versionEndExcluding": "4.18.2.3", "versionStartIncluding": "4.10.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*", "matchCriteriaId": "820D0BE9-6D2A-4EC1-A098-1A40DEB57BAA", "versionEndExcluding": "4.19.1.1", "versionStartIncluding": "4.19.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "CloudStack account-users by default use username and password based authentication for API and UI access. Account-users can\u00a0generate and register randomised API and secret keys and use them for the purpose of API-based automation and integrations.\u00a0Due to an access permission validation issue that affects Apache CloudStack versions 4.10.0 up to 4.19.1.0, domain admin accounts were found to be able to query all registered account-users API and secret keys in an environment, including that of a root admin.\u00a0An attacker who has domain admin access can exploit this to gain root admin and other-account privileges and perform malicious operations that can result in compromise of resources integrity and confidentiality, data loss,\u00a0denial of service\u00a0and availability of CloudStack managed infrastructure.\n\nUsers are recommended to upgrade to Apache CloudStack 4.18.2.3 or 4.19.1.1, or later, which addresses this issue.\u00a0Additionally, all account-user API and secret keys should be regenerated."}, {"lang": "es", "value": "Los usuarios de cuentas de CloudStack utilizan de forma predeterminada la autenticaci\u00f3n basada en nombre de usuario y contrase\u00f1a para acceder a API y UI. Los usuarios de cuentas pueden generar y registrar API aleatorias y claves secretas y utilizarlas con fines de automatizaci\u00f3n e integraciones basadas en API. Debido a un problema de validaci\u00f3n de permisos de acceso que afecta a las versiones 4.10.0 hasta 4.19.1.0 de Apache CloudStack, se descubri\u00f3 que las cuentas de administrador de dominio pueden consultar todas las API y claves secretas de los usuarios de cuentas registrados en un entorno, incluida la de un administrador superusuario. Un atacante que tiene acceso de administrador de dominio puede aprovechar esto para obtener privilegios de administrador ra\u00edz y de otras cuentas y realizar operaciones maliciosas que pueden comprometer la integridad y confidencialidad de los recursos, la p\u00e9rdida de datos, la denegaci\u00f3n de servicio y la disponibilidad de la infraestructura administrada de CloudStack. Se recomienda a los usuarios actualizar a Apache CloudStack 4.18.2.3 o 4.19.1.1, o posterior, que soluciona este problema. Adem\u00e1s, se deben regenerar todas las API y claves secretas del usuario de la cuenta."}], "id": "CVE-2024-42062", "lastModified": "2024-10-11T13:26:48.907", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-08-07T08:16:12.250", "references": [{"source": "security@apache.org", "tags": ["Vendor Advisory"], "url": "https://cloudstack.apache.org/blog/security-release-advisory-4.19.1.1-4.18.2.3"}, {"source": "security@apache.org", "tags": ["Mailing List", "Release Notes"], "url": "https://lists.apache.org/thread/lxqtfd6407prbw3801hb4fz3ot3t8wlj"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.shapeblue.com/shapeblue-security-advisory-apache-cloudstack-security-releases-4-18-2-3-and-4-19-1-1/"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-863"}], "source": "security@apache.org", "type": "Secondary"}]}

{}