CVE-2024-45219

Improper Input Validation (CWE-20)

Published: Oct 16, 2024 / Updated: 34d ago

CVSS 8.5 / EPSS 0.05% / High

Summary

Account users in Apache CloudStack can upload and register templates for deploying instances and volumes for attaching them as data disks to existing instances. Due to missing validation checks for KVM-compatible templates or volumes in CloudStack versions 4.0.0 through 4.18.2.3 and 4.19.0.0 through 4.19.1.1, an attacker with the ability to upload or register templates and volumes can exploit this to gain access to host filesystems. This could result in the compromise of resource integrity and confidentiality, data loss, denial of service, and availability issues in KVM-based infrastructure managed by CloudStack.

Impact

The impact of this vulnerability is severe. An attacker could potentially:

1. Gain unauthorized access to host filesystems
2. Compromise resource integrity and confidentiality
3. Cause data loss
4. Initiate denial of service attacks
5. Affect the availability of KVM-based infrastructure managed by CloudStack

The CVSS v3.1 base score is 8.5 (High), with the following metrics:

- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: Low
- User Interaction: None
- Scope: Changed
- Confidentiality Impact: High
- Integrity Impact: High
- Availability Impact: High

This high severity score indicates that the vulnerability poses a significant risk and should be prioritized for patching.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation in the wild at the moment.

Patch

Patches are available. Users are recommended to upgrade to Apache CloudStack 4.18.2.4 or 4.19.1.2, or later versions, which address this issue.

Mitigation

1. Upgrade to Apache CloudStack 4.18.2.4, 4.19.1.2, or a later version.

2. Scan all user-uploaded or registered KVM-compatible templates and volumes to confirm they are flat files without additional or unnecessary features. In practice this means a raw image, or a qcow2 image with neither a backing file nor an external data file, since each of those is a path that QEMU opens on the host whenever the image is used.

3. Run the following command on secondary storage to inspect disks for potential compromise. qemu-img info prints a "backing file:" (or "data file:") line only when the image references another file, so any line matched by grep should be treated as suspicious and examined. Note that the -regex pattern is matched against the whole path and, ending in .*, accepts every regular file under the tree; narrow it if the storage tree contains unrelated files.

    for file in $(find /path/to/storage/ -type f -regex '[a-f0-9\-]*.*'); do
        echo "Retrieving file [$file] info. If the output is not empty, that might indicate a compromised disk; check it carefully."
        qemu-img info -U "$file" | grep 'file:'
        printf "\n\n"
    done

4. For a more comprehensive check of template/volume features, dump the full qemu-img info output for each file:

    for file in $(find /path/to/storage/ -type f -regex '[a-f0-9\-]*.*'); do
        echo "Retrieving file [$file] info."
        qemu-img info -U "$file"
        printf "\n\n"
    done

Note: When running these commands on file-based primary storages, be aware of potential false positives and false negatives due to volume creation and consolidation processes (CloudStack itself creates qcow2 volumes with backing files on primary storage, and consolidation can remove them).
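The qemu-img checks above need qemu-img on the box and run after the image has already been accepted. The following is an added example, not CloudStack or QEMU code, of the same "flat file" check done offline against the qcow2 header itself, for use as a pre-registration hook or on a host without qemu-img. It reads the fixed header and header extensions using the layout from QEMU's qcow2 specification (big-endian fields; backing file name at backing_file_offset; external data file name in the 0x44415441 extension and incompatible_features bit 2) and rejects any image that references another path. The sample images at the bottom are constructed in-memory headers, not real disks, and the accept/reject policy (raw accepted, qcow2 accepted only when self-contained, malformed qcow2 rejected) is an assumption of this example.

```python
import struct

QCOW_MAGIC = b"QFI\xfb"
EXT_END = 0x00000000            # terminates the header-extension list
EXT_DATA_FILE = 0x44415441      # header extension carrying the external data file name
INCOMPAT_DATA_FILE = 1 << 2     # incompatible_features bit: guest data lives in an external file
MAX_BACKING_NAME = 1023         # QEMU rejects longer backing file names


def parse_qcow2_header(data: bytes) -> dict:
    """Return version, backing_file, data_file and incompatible_features.

    Raises ValueError for anything that is not a well-formed qcow2 header;
    a validator should treat that as a rejection, not as 'flat'.
    """
    if len(data) < 72 or data[:4] != QCOW_MAGIC:
        raise ValueError("not a qcow2 image")
    version = struct.unpack_from(">I", data, 4)[0]
    backing_off, backing_len = struct.unpack_from(">QI", data, 8)
    if version == 2:
        header_len, incompat = 72, 0
    elif version == 3:
        if len(data) < 104:
            raise ValueError("truncated qcow2 v3 header")
        incompat = struct.unpack_from(">Q", data, 72)[0]
        header_len = struct.unpack_from(">I", data, 100)[0]
        if header_len < 104:
            raise ValueError("bad header_length")
    else:
        raise ValueError(f"unsupported qcow2 version {version}")

    backing_file = None
    if backing_off or backing_len:
        if backing_len > MAX_BACKING_NAME or backing_off + backing_len > len(data):
            raise ValueError("backing file name out of bounds")
        backing_file = data[backing_off:backing_off + backing_len].decode("utf-8", "replace")

    # Header extensions: (type u32, length u32, data padded to 8 bytes)*, type 0 ends the list.
    data_file = None
    pos = header_len
    while pos + 8 <= len(data):
        ext_type, ext_len = struct.unpack_from(">II", data, pos)
        pos += 8
        if ext_type == EXT_END:
            break
        if pos + ext_len > len(data):
            raise ValueError("header extension out of bounds")
        if ext_type == EXT_DATA_FILE:
            data_file = data[pos:pos + ext_len].decode("utf-8", "replace")
        pos += (ext_len + 7) & ~7
    return {"version": version, "backing_file": backing_file,
            "data_file": data_file, "incompatible_features": incompat}


def classify_image(data: bytes):
    """Decide whether an uploaded image is 'flat'. Returns (accepted, reasons).

    Raw images (no qcow2 magic) carry no metadata and are accepted; qcow2 is
    accepted only if it references no other file. Malformed qcow2 is rejected.
    """
    if data[:4] != QCOW_MAGIC:
        return True, []
    try:
        hdr = parse_qcow2_header(data)
    except ValueError as exc:
        return False, [f"malformed qcow2 header: {exc}"]
    reasons = []
    if hdr["backing_file"] is not None:
        reasons.append(f"backing file: {hdr['backing_file']}")
    if hdr["data_file"] is not None:
        reasons.append(f"external data file: {hdr['data_file']}")
    if hdr["incompatible_features"] & INCOMPAT_DATA_FILE:
        reasons.append("incompatible_features: external data file bit set")
    return not reasons, reasons


def build_qcow2(backing_file: bytes = None, data_file: bytes = None) -> bytes:
    """Construct a minimal qcow2 v3 header (metadata only) as constructed sample input."""
    exts, incompat = b"", 0
    if data_file is not None:
        incompat |= INCOMPAT_DATA_FILE
        exts += struct.pack(">II", EXT_DATA_FILE, len(data_file)) + data_file
        exts += b"\0" * ((-len(data_file)) % 8)
    exts += struct.pack(">II", EXT_END, 0)
    backing_off = backing_len = 0
    tail = b""
    if backing_file is not None:
        backing_off, backing_len, tail = 104 + len(exts), len(backing_file), backing_file
    # magic, version, backing off/len, cluster_bits, size, crypt, l1_size,
    # l1_table_offset, refcount_table_offset, refcount_table_clusters, nb_snapshots, snapshots_offset
    fixed = struct.pack(">4sIQIIQIIQQIIQ", QCOW_MAGIC, 3, backing_off, backing_len,
                        16, 1 << 30, 0, 1, 0x10000, 0x20000, 1, 0, 0)
    v3 = struct.pack(">QQQII", incompat, 0, 0, 4, 104)  # incompat, compat, autoclear, refcount_order, header_length
    return fixed + v3 + exts + tail


if __name__ == "__main__":
    samples = {
        "raw": b"\0" * 512,
        "qcow2-clean": build_qcow2(),
        "qcow2-backing": build_qcow2(backing_file=b"/etc/shadow"),
        "qcow2-datafile": build_qcow2(data_file=b"/dev/sda"),
    }
    for name, image in samples.items():
        ok, why = classify_image(image)
        print(f"{name}: {'accept' if ok else 'REJECT'} {'; '.join(why)}")
```

Feed it the first few kilobytes of each uploaded file before the template is registered; anything that comes back rejected is exactly what the grep in step 3 would later flag. Parsing the header directly also avoids handing an attacker-controlled image to qemu-img at all during validation.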

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2024-45219

Oct 15, 2024 at 7:38 PM / announce
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 15, 2024 at 7:39 PM
CVE Assignment

NVD published the first details for CVE-2024-45219

Oct 16, 2024 at 8:15 AM
CVSS

A CVSS base score of 8.5 has been assigned.

Oct 16, 2024 at 8:20 AM / nvd
Detection in Vulnerability Scanners

Detection for the vulnerability has been added to Qualys (731847)

Oct 17, 2024 at 7:53 AM
EPSS

EPSS Score was set to: 0.05% (Percentile: 16.4%)

Oct 17, 2024 at 10:04 AM

Affected Systems

Apache/cloudstack

Links to Mitre Att&cks

T1562.003: Impair Command History Logging

Attack Patterns

CAPEC-10: Buffer Overflow via Environment Variables

News

Vulnerability Summary for the Week of October 14, 2024
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source Info Patch Info Acespritech Solutions Pvt. Ltd.–Social Link Groups Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Acespritech Solutions Pvt. Ltd. Social Link Groups allows Blind SQL Injection.This issue affects Social Link Groups: from n/a through 1.1.0. 2024-10-20 8.5 CVE-2024-49619 audit@patchstack.com acm309–PutongOJ PutongOJ is online judging software. Prior to version 2.1.0-beta.1, unprivileged users can escalate privileges by constructing requests. This can lead to unauthorized access, enabling users to perform admin-level operations, potentially compromising sensitive data and system integrity. This problem has been fixed in v2.1.0.beta.1. As a workaround, one may apply the patch from commit `211dfe9` manually.
Apache CloudStack Security Update Advisory
Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version. Users of the affected versions are advised to update to the latest version.
Apache CloudStack fixes several vulnerabilities
The most severe vulnerability, CVE-2024-45219 with a CVSS score of 8.5, could allow attackers to compromise KVM-based infrastructure. This vulnerability stems from a lack of validation checks, enabling attackers to deploy malicious instances or attach compromised volumes to gain access to host filesystems.

CVSS V3.1

Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Changed
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: High
