Unrated severityNVD Advisory· Published Jan 15, 2014· Updated Jun 17, 2026
CVE-2014-0031
CVE-2014-0031
Description
The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache CloudStack before 4.2.1 allow remote authenticated users to list network ACLS for other users via a crafted request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
36cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*+ 35 more
- cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*range: <=4.2.0
- cpe:2.3:a:apache:cloudstack:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.0:-:community:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.1.10:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.13:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:2.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:3.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:4.0.0:incubating:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:apache:cloudstack:4.1.1:*:*:*:*:*:*:*
- (no CPE)range: <4.2.1
Patches
Vulnerability mechanics
References
3- secunia.com/advisories/55960nvdVendor Advisory
- blogs.apache.org/cloudstack/entry/cve_2014_0031_cloudstack_listnetworkaclnvdVendor Advisory
- issues.apache.org/jira/browse/CLOUDSTACK-5145nvd
News mentions
0No linked articles in our index yet.