Vulnerabilities > Apache > Cloudstack > 4.5.2

DATE CVE VULNERABILITY TITLE RISK
2022-03-15 CVE-2022-26779 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Apache Cloudstack
Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens.
network
high complexity
apache CWE-338
4.6
4.6
2020-05-14 CVE-2019-17562 Improper Input Validation vulnerability in Apache Cloudstack
A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack.
network
low complexity
apache CWE-20
7.5
7.5
2018-02-06 CVE-2016-6813 Unspecified vulnerability in Apache Cloudstack
Apache CloudStack 4.1 to 4.8.1.0 and 4.9.0.0 contain an API call designed to allow a user to register for the developer API.
network
low complexity
apache
critical
 9.8
9.8
2016-06-10 CVE-2016-3085 7PK - Security Features vulnerability in Apache Cloudstack
Apache CloudStack 4.5.x before 4.5.2.1, 4.6.x before 4.6.2.1, 4.7.x before 4.7.1.1, and 4.8.x before 4.8.0.1, when SAML-based authentication is enabled and used, allow remote attackers to bypass authentication and access the user interface via vectors related to the SAML plugin.
network
apache CWE-254
5.8
5.8