VYPR
Unrated severityNVD Advisory· Published Dec 10, 2014· Updated Jun 17, 2026

CVE-2014-7807

CVE-2014-7807

Description

Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authentication via a login request without a password, which triggers an unauthenticated bind.

Affected products

5
  • Apache/Cloudstack4 versions
    cpe:2.3:a:apache:cloudstack:4.3.0:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:apache:cloudstack:4.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:cloudstack:4.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:cloudstack:4.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:apache:cloudstack:4.4.1:*:*:*:*:*:*:*
  • Range: >=4.3.0, <4.3.2 || >=4.4.0, <4.4.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.