VYPR
Medium severity4.3NVD Advisory· Published Feb 6, 2018· Updated Jun 16, 2026

CVE-2013-4317

CVE-2013-4317

Description

In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their own.

Affected products

2
  • Apache/Cloudstackllm-fuzzy2 versions
    4.1.0 - 4.1.1+ 1 more
    • (no CPE)range: 4.1.0 - 4.1.1
    • (no CPE)range: 4.1.0, 4.1.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.