CVE-2024-29006 | Apache CloudStack up to 4.18.1.0/4.19.0.0 HTTP Header X-Forwarded-For authentication spoofing

Inserito da Angelo Barbosa | Apr 4, 2024 | CVE

A vulnerability has been found in Apache CloudStack up to 4.18.1.0/4.19.0.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to authentication bypass by spoofing.

This vulnerability is known as CVE-2024-29006. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-29006 | Apache CloudStack up to 4.18.1.0/4.19.0.0 HTTP Header X-Forwarded-For authentication spoofing

Post correlati

CVE-2024-28195 | Yooooomi your_spotify up to 1.8.x API/Login cross-site request forgery

CVE-2024-42166 | FIWARE Keyrock up to 8.4 lib/app_certificates.js generate_app_certificates os command injection

CVE-2024-7591 | Progress LoadMaster up to 7.2.60.0 os command injection

CVE-2023-4222 | Chamilo LMS up to 1.11.24 openoffice_text_document.class.php os command injection