CVE Vulnerabilities

CVE-2013-2758

Published: May 23, 2014 | Modified: Apr 12, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

Apache CloudStack 4.0.0 before 4.0.2 and Citrix CloudPlatform (formerly Citrix CloudStack) 3.0.x before 3.0.6 Patch C uses a hash of a predictable sequence, which makes it easier for remote attackers to guess the console access URL via a brute force attack.

Affected Software

Name Vendor Start Version End Version
Cloudstack Apache 4.0.0-incubating (including) 4.0.0-incubating (including)
Cloudstack Apache 4.0.1 (including) 4.0.1 (including)
Cloudstack Apache 4.0.2 (including) 4.0.2 (including)
Cloudplatform Citrix 3.0 (including) 3.0 (including)
Cloudplatform Citrix 3.0.3 (including) 3.0.3 (including)
Cloudplatform Citrix 3.0.4 (including) 3.0.4 (including)
Cloudplatform Citrix 3.0.5 (including) 3.0.5 (including)
Cloudplatform Citrix 3.0.6 (including) 3.0.6 (including)

References