Medium severity4.3NVD Advisory· Published Feb 6, 2018· Updated Jun 16, 2026
CVE-2013-4317
CVE-2013-4317
Description
In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their own.
Affected products
24.1.0 - 4.1.1+ 1 more
- (no CPE)range: 4.1.0 - 4.1.1
- (no CPE)range: 4.1.0, 4.1.1
Patches
Vulnerability mechanics
References
1- seclists.org/oss-sec/2018/q1/1nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.