2.8
CVE-2013-6398
- EPSS 0.99%
- Published 15.01.2014 16:08:03
- Last modified 11.04.2025 00:51:21
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
The virtual router in Apache CloudStack before 4.2.1 does not preserve the source restrictions in firewall rules after being restarted, which allows remote attackers to bypass intended restrictions via a request.
Data is provided by the National Vulnerability Database (NVD)
Apache ≫ Cloudstack Version <= 4.2.0
Apache ≫ Cloudstack Version2.0 Update- Editioncommunity
Apache ≫ Cloudstack Version2.0.1
Apache ≫ Cloudstack Version2.1.0
Apache ≫ Cloudstack Version2.1.1
Apache ≫ Cloudstack Version2.1.2
Apache ≫ Cloudstack Version2.1.3
Apache ≫ Cloudstack Version2.1.4
Apache ≫ Cloudstack Version2.1.5
Apache ≫ Cloudstack Version2.1.6
Apache ≫ Cloudstack Version2.1.7
Apache ≫ Cloudstack Version2.1.8
Apache ≫ Cloudstack Version2.1.9
Apache ≫ Cloudstack Version2.1.10
Apache ≫ Cloudstack Version2.2.0
Apache ≫ Cloudstack Version2.2.1
Apache ≫ Cloudstack Version2.2.2
Apache ≫ Cloudstack Version2.2.3
Apache ≫ Cloudstack Version2.2.5
Apache ≫ Cloudstack Version2.2.6
Apache ≫ Cloudstack Version2.2.7
Apache ≫ Cloudstack Version2.2.8
Apache ≫ Cloudstack Version2.2.9
Apache ≫ Cloudstack Version2.2.11
Apache ≫ Cloudstack Version2.2.12
Apache ≫ Cloudstack Version2.2.13
Apache ≫ Cloudstack Version2.2.14
Apache ≫ Cloudstack Version3.0.0
Apache ≫ Cloudstack Version3.0.1
Apache ≫ Cloudstack Version3.0.2
Apache ≫ Cloudstack Version4.0.0 Updateincubating
Apache ≫ Cloudstack Version4.0.1
Apache ≫ Cloudstack Version4.0.2
Apache ≫ Cloudstack Version4.1.0
Apache ≫ Cloudstack Version4.1.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.99% | 0.748 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 2.8 | 5.5 | 2.9 |
AV:N/AC:M/Au:M/C:P/I:N/A:N
|