
Multiple Apache CloudStack Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-30675 CVSS:4.7

In Apache CloudStack, a flaw in access control affects the listTemplates and listIsos APIs. A malicious Domain Admin or Resource Admin can exploit this issue by intentionally specifying the 'domainid' parameter along with the 'filter=self' or 'filter=selfexecutable' values. This allows the attacker to gain unauthorized visibility into templates and ISOs under the ROOT domain.
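The request pattern described for CVE-2025-30675 can be searched for in API request logs. The following Python code is an added example, not part of the original advisory or of Apache CloudStack; the log line layout, the sample lines, and the choice to match any parameter whose name ends in "filter" are assumptions.

```python
from urllib.parse import parse_qs

# Constructed sample lines. The layout (timestamp, user, method, query string)
# is an assumption; adapt extract_params() to the real API access log format.
SAMPLE_LOG = """\
2025-06-10 09:14:02 user=da-ops GET command=listTemplates&templatefilter=self&domainid=1111-aaaa&response=json
2025-06-10 09:14:09 user=da-ops GET command=listIsos&isofilter=selfexecutable&domainid=1111-aaaa
2025-06-10 09:15:30 user=alice GET command=listTemplates&templatefilter=self&response=json
2025-06-10 09:16:44 user=bob GET command=listVirtualMachines&domainid=2222-bbbb
2025-06-10 09:17:05 user=carol GET command=LISTTEMPLATES&filter=featured&domainid=2222-bbbb
"""

WATCHED_COMMANDS = {"listtemplates", "listisos"}   # APIs named in the advisory
WATCHED_FILTERS = {"self", "selfexecutable"}       # filter values named in the advisory


def extract_params(line):
    """Return the API parameters found on one log line as a lowercase-keyed dict."""
    for token in line.split():
        if "command=" in token.lower():
            query = token.split("?", 1)[-1]        # drop any path before '?'
            return {k.lower(): v[0] for k, v in parse_qs(query).items()}
    return {}


def is_suspicious(params):
    """True when a request combines a watched command, domainid and a watched filter."""
    if params.get("command", "").lower() not in WATCHED_COMMANDS:
        return False
    if "domainid" not in params:
        return False
    # Assumption: accept 'filter' or any '*filter' parameter name.
    filters = [v.lower() for k, v in params.items() if k.endswith("filter")]
    return any(f in WATCHED_FILTERS for f in filters)


def scan(log_text):
    """Return (line_number, line) for every request matching the pattern."""
    hits = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        if is_suspicious(extract_params(line)):
            hits.append((lineno, line))
    return hits


if __name__ == "__main__":
    for lineno, line in scan(SAMPLE_LOG):
        print(f"line {lineno}: {line}")
```

Matches are triage candidates rather than confirmed abuse: review which account issued each request and which domain the 'domainid' value refers to.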

CVE-2025-47849 CVSS:6.7

Apache CloudStack could allow a remote authenticated attacker to gain elevated privileges on the system, caused by insecure access to users' API/Secret keys in the same domain.

CVE-2025-47713 CVSS:9.1

Apache CloudStack could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw that allows a Domain Admin to reset the Admin password in the Root Domain.

CVE-2025-26521 CVSS:9.9

Apache CloudStack could allow a remote authenticated attacker to obtain the API key and secret key of the 'kubeadmin' user of the CKS cluster's creator's account, caused by improper access control.

Impact

  • Gain Access
  • Privilege Escalation
  • Information Disclosure

Indicators of Compromise

CVE

  • CVE-2025-30675

  • CVE-2025-47849

  • CVE-2025-47713

  • CVE-2025-26521

Affected Vendors

Apache

Affected Products

  • Apache CloudStack - 4.0.0 - 4.19.3.0
  • Apache CloudStack - 4.20.0.0 - 4.20.1.0

Remediation

Refer to the Apache Security Advisory for patch, upgrade, or suggested workaround information.

Apache Security Advisory