Multiple SAP Products Vulnerabilities

July 24, 2024

Multiple D-Link DSL-225 Vulnerabilities

July 24, 2024

CVE-2024-41107 – Apache CloudStack Vulnerability

July 24, 2024

Severity

High

Analysis Summary

CVE-2024-41107

Apache CloudStack could allow a remote attacker to bypass security restrictions, caused by not enforce signature check in SAML authentication. By submitting a spoofed SAML response, an attacker could exploit this vulnerability to compromise the resources owned and/or accessible by a SAML enabled user-account.

Impact

Security Bypass

Indicators of Compromise

CVE

CVE-2024-41107

Affected Vendors

Apache

Affected Products

Apache CloudStack 4.5.0
Apache CloudStack 4.19.0.0
Apache CloudStack 4.18.2.1
Apache CloudStack 4.19.0.2

Remediation

Upgrade to the latest version of Apache CloudStack, available from the Apache Website.

Apache Website

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Multiple SAP Products Vulnerabilities

Multiple D-Link DSL-225 Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation