CVE-2016-6813 is a vulnerability in Apache CloudStack
Published on February 6, 2018

Apache CloudStack 4.1 to 4.8.1.0 and 4.9.0.0 contain an API call designed to allow a user to register for the developer API. If a malicious user is able to determine the ID of another (non-"root") CloudStack user, the malicious user may be able to reset the API keys for the other user, in turn accessing their account and resources.

NVD

Products Associated with CVE-2016-6813

Want to know whenever a new CVE is published for Apache CloudStack? stack.watch will email you.

Apache CloudStack

Affected Versions

Apache Software Foundation Apache CloudStack:

Version 4.1 to 4.8.1.0 is affected.
Version 4.9.0.0 is affected.

Exploit Probability

EPSS

1.53%

Percentile

81.09%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2016-6813 is a vulnerability in Apache CloudStackPublished on February 6, 2018

Products Associated with CVE-2016-6813

Affected Versions

Exploit Probability

CVE-2016-6813 is a vulnerability in Apache CloudStack
Published on February 6, 2018