Apache releases patches for CloudStack Product

The Apache Software Foundation has issued security releases 4.18.1.1 and 4.19.0.1 for its popular cloud management platform, Apache CloudStack.

The first vulnerability, tracked as CVE-2024-29006, is of medium severity: unrestricted parsing of the X-Forwarded-For HTTP header within CloudStack’s management server could lead to API request source IP spoofing, potentially enabling authentication bypass and further exploitation.
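As an added illustration of the header-trust problem behind CVE-2024-29006 (example code written for this page, not CloudStack’s own implementation), the weak pattern is shown next to the usual hardened one; the proxy and client address ranges are constructed.

```python
import ipaddress
from typing import Callable, Optional

# Constructed: the reverse proxies an operator actually placed in front of
# the API. Any other peer is a direct caller whose headers are not trusted.
TRUSTED_PROXIES = {ipaddress.ip_network("10.0.0.0/24")}
# Constructed: networks allowed to reach the API, enforced by source IP.
ALLOWED_API_CLIENTS = {ipaddress.ip_network("192.168.1.0/24")}


def _is_trusted_proxy(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in TRUSTED_PROXIES)


def client_ip_naive(peer_addr: str, xff: Optional[str]) -> str:
    """Weak pattern: believe X-Forwarded-For whenever it is present, so a
    direct caller can assert any source address it likes."""
    if xff:
        return xff.split(",")[0].strip()
    return peer_addr


def client_ip_hardened(peer_addr: str, xff: Optional[str]) -> str:
    """Honour X-Forwarded-For only when the TCP peer is a trusted proxy, then
    walk the chain right-to-left past our own proxies; the first hop that is
    not one of ours is the client. Malformed entries discard the header."""
    if not xff or not _is_trusted_proxy(peer_addr):
        return peer_addr
    hops = [h.strip() for h in xff.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            return peer_addr  # garbage in the chain: trust none of it
        if not _is_trusted_proxy(hop):
            return hop
    return peer_addr  # every hop was our own proxy; fall back to the peer


def api_allowed(peer_addr: str, xff: Optional[str],
                resolver: Callable[[str, Optional[str]], str]) -> bool:
    """Source-IP allow-list check, parameterised by how the source IP is
    derived so both resolvers can be compared on the same request."""
    src = ipaddress.ip_address(resolver(peer_addr, xff))
    return any(src in net for net in ALLOWED_API_CLIENTS)
```

With the naive resolver a direct connection from outside the allow-list passes the check simply by carrying a header that names an allowed address; the hardened resolver ignores the header unless the connection arrived through a configured proxy.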

The second vulnerability, tracked as CVE-2024-29007, is of medium severity: by following malicious HTTP redirects during template or ISO downloads, CloudStack’s management server and secondary storage virtual machines (SSVMs) could be tricked into making unauthorized requests, potentially exposing sensitive resources.

The third vulnerability, tracked as CVE-2024-29008, is a critical vulnerability and the most severe of the three. It resides in CloudStack’s “extraconfig” VM configuration feature, which, even when disabled, can be abused to load hypervisor resources onto a virtual machine. In KVM environments, this grants attackers the ability to attach host devices, potentially compromising network and storage infrastructure and gaining access to VM disks.

Affected Versions

  • CVE-2024-29006: Apache CloudStack 4.11.0.0 through 4.18.1.0, and 4.19.0.0
  • CVE-2024-29007: Apache CloudStack 4.9.1.0 through 4.18.1.0, and 4.19.0.0
  • CVE-2024-29008: Apache CloudStack 4.14.0.0 through 4.18.1.0, and 4.19.0.0

CloudStack administrators are strongly urged to upgrade to versions 4.18.1.1 or 4.19.0.1 without delay. While these vulnerabilities are significant, it’s important to remember that proactive patching is a fundamental aspect of cloud security. Regular updates and vulnerability scanning help maintain a robust defense against evolving threats.
