CVE-2024-29006

EPSS 0.07%
Published 04.04.2024 08:15:06
Last modified 27.03.2025 20:15:25
Source security@apache.org
Teams watchlist Login
Open Login

By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it as the source IP of an API request. This could lead to authentication bypass and other operational problems should an attacker decide to spoof their IP address this way. Users are recommended to upgrade to CloudStack version 4.18.1.1 or 4.19.0.1, which fixes this issue.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Apache ≫ Cloudstack Version >= 4.11.0.0 < 4.18.1.1

Apache ≫ Cloudstack Version4.19.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.07%	0.226

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-290 Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

https://lists.apache.org/thread/82f46pv7mvh95ybto5hn8wlo6g8jhjvp

Vendor Advisory

Mailing List

https://nvd.nist.gov/vuln/detail/CVE-2024-29006

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-29006

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-29006

EUVD