Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2014-0031

The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache CloudStack before 4.2.1 allow remote authenticated users to list network ACLS for other users via a crafted request.

  • Published: Jan 15, 2014
  • Updated: Nov 9, 2025
  • CVE: CVE-2014-0031
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 4
  • AV:N/AC:L/Au:S/C:P/I:N/A:N

CWEs:

Software From Fixed in
apache / cloudstack 2.2.7 2.2.7.x
apache / cloudstack 2.1.6 2.1.6.x
apache / cloudstack 2.2.14 2.2.14.x
apache / cloudstack 2.2.0 2.2.0.x
apache / cloudstack 2.2.12 2.2.12.x
apache / cloudstack 2.2.6 2.2.6.x
apache / cloudstack 2.2.9 2.2.9.x
apache / cloudstack 4.1.1 4.1.1.x
apache / cloudstack 2.1.8 2.1.8.x
apache / cloudstack 2.1.2 2.1.2.x
apache / cloudstack 2.0 2.0.x
apache / cloudstack 2.2.5 2.2.5.x
apache / cloudstack 2.2.11 2.2.11.x
apache / cloudstack 2.1.0 2.1.0.x
apache / cloudstack 2.1.3 2.1.3.x
apache / cloudstack 2.2.2 2.2.2.x
apache / cloudstack 2.1.5 2.1.5.x
apache / cloudstack - 4.2.0.x
apache / cloudstack 2.2.1 2.2.1.x
apache / cloudstack 3.0.1 3.0.1.x
apache / cloudstack 3.0.2 3.0.2.x
apache / cloudstack 2.2.13 2.2.13.x
apache / cloudstack 4.1.0 4.1.0.x
apache / cloudstack 2.0.1 2.0.1.x
apache / cloudstack 2.1.9 2.1.9.x
apache / cloudstack 4.0.2 4.0.2.x
apache / cloudstack 4.0.1 4.0.1.x
apache / cloudstack 3.0.0 3.0.0.x
apache / cloudstack 2.1.10 2.1.10.x
apache / cloudstack 2.2.8 2.2.8.x
apache / cloudstack 4.0.0-incubating 4.0.0-incubating.x
apache / cloudstack 2.1.1 2.1.1.x
apache / cloudstack 2.1.7 2.1.7.x
apache / cloudstack 2.2.3 2.2.3.x
apache / cloudstack 2.1.4 2.1.4.x