CVE-2024-29007

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

T

he CloudStack management server and secondary storage VM could be tricked into making requests to restricted or random resources by means of following 301 HTTP redirects presented by external servers when downloading templates or ISOs. Users are recommended to upgrade to version 4.18.1.1 or 4.19.0.1, which fixes this issue.

References

Link	Resource
https://lists.apache.org/thread/82f46pv7mvh95ybto5hn8wlo6g8jhjvp	Mailing List Vendor Advisory
https://lists.apache.org/thread/82f46pv7mvh95ybto5hn8wlo6g8jhjvp	Mailing List Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apache:cloudstack::::::::
	cpe:2.3:a:apache:cloudstack:4.19.0.0:::::::*

History

02 Sep 2025, 21:14

Type	Values Removed	Values Added
CWE	~~CWE-59~~

30 Jun 2025, 15:05

Type	Values Removed	Values Added
CWE		CWE-59
CPE		cpe:2.3:a:apache:cloudstack:4.19.0.0:::::::* cpe:2.3:a:apache:cloudstack::::::::
References	~~() https://lists.apache.org/thread/82f46pv7mvh95ybto5hn8wlo6g8jhjvp -~~	() https://lists.apache.org/thread/82f46pv7mvh95ybto5hn8wlo6g8jhjvp - Mailing List, Vendor Advisory
First Time		Apache cloudstack Apache

21 Nov 2024, 09:07

Type	Values Removed	Values Added
References	~~() https://lists.apache.org/thread/82f46pv7mvh95ybto5hn8wlo6g8jhjvp -~~	() https://lists.apache.org/thread/82f46pv7mvh95ybto5hn8wlo6g8jhjvp -

12 Nov 2024, 18:35

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.3

Information

Published : 2024-04-04 08:15

Updated : 2025-09-02 21:14

NVD link : CVE-2024-29007

Mitre link : CVE-2024-29007

CVE.ORG link : CVE-2024-29007

JSON object : View

Products Affected

cloudstack

CWE

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2024-29007", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 3.9}]}, "published": "2024-04-04T08:15:06.970", "references": [{"url": "https://lists.apache.org/thread/82f46pv7mvh95ybto5hn8wlo6g8jhjvp", "tags": ["Mailing List", "Vendor Advisory"], "source": "[email protected]"}, {"url": "https://lists.apache.org/thread/82f46pv7mvh95ybto5hn8wlo6g8jhjvp", "tags": ["Mailing List", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-918"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "The CloudStack management server and secondary storage VM could be tricked into making requests to restricted or random resources by means of following 301 HTTP redirects presented by external servers when downloading templates or ISOs. Users are recommended to upgrade to version 4.18.1.1 or 4.19.0.1, which fixes this issue.\n\n"}, {"lang": "es", "value": "Se podr\u00eda enga\u00f1ar al servidor de administraci\u00f3n de CloudStack y a la m\u00e1quina virtual de almacenamiento secundario para que realicen solicitudes a recursos restringidos o aleatorios mediante las siguientes redirecciones HTTP 301 presentadas por servidores externos al descargar plantillas o ISO. Se recomienda a los usuarios actualizar a la versi\u00f3n 4.18.1.1 o 4.19.0.1, que soluciona este problema."}], "lastModified": "2025-09-02T21:14:50.247", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:cloudstack:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2EE4F78-B6F4-43CB-979E-BFFFFA139AD5", "versionEndExcluding": "4.18.1.1", "versionStartIncluding": "4.9.1.0"}, {"criteria": "cpe:2.3:a:apache:cloudstack:4.19.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51E212EC-AC62-4533-B3B2-A660807F0C1F"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}