CVE-2024-38346 | Apache CloudStack up to 4.18.2.0/4.19.0.1 Service Port 9090 code injection

Inserito da Angelo Barbosa | Lug 5, 2024 | CVE

A vulnerability, which was classified as very critical, has been found in Apache CloudStack up to 4.18.2.0/4.19.0.1. This issue affects some unknown processing of the component Service Port 9090. The manipulation leads to code injection.

The identification of this vulnerability is CVE-2024-38346. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-38346 | Apache CloudStack up to 4.18.2.0/4.19.0.1 Service Port 9090 code injection

Post correlati

CVE-2023-41814 | Artica Pandora FMS up to 774 Message cross site scripting

CVE-2024-1249 | Keycloak checkLoginIframe cross-domain policy

CVE-2023-37411 | IBM Aspera Faspex up to 5.0.6 Web UI cross site scripting (XFDB-260139)

CVE-2024-20754 | Adobe Lightroom Desktop up to 7.1.2 untrusted search path (apsb24-17)