Apache · Apache Cloudstack · CVE-2025-30675
**Name of the Vulnerable Software and Affected Versions**
Apache CloudStack 4.19.x and earlier releases prior to 4.19.3.0
Apache CloudStack 4.20.x prior to 4.20.1.0
**Description**
An access-control flaw affects the `listTemplates` and `listIsos` APIs. The `self` and `selfexecutable` filter values (passed as `templatefilter` for `listTemplates` and `isofilter` for `listIsos`) are meant to restrict results to the caller's own scope, but a malicious Domain Admin or Resource Admin can combine one of those filter values with an explicit `domainid` parameter and the scope check is not enforced against the caller's domain. The attacker thereby gains unauthorized visibility into templates and ISOs under the ROOT domain, and can enumerate and extract metadata of templates and ISOs belonging to unrelated domains. This violates the isolation boundary between domains and can expose sensitive or internal configuration details carried in template and ISO metadata (names, descriptions, URLs, OS types and similar fields).
**Recommendations**
For Apache CloudStack 4.19.x and earlier, upgrade to Apache CloudStack 4.19.3.0.
For Apache CloudStack 4.20.x, upgrade to Apache CloudStack 4.20.1.0.
As a temporary workaround until the upgrade is applied, restrict the `listTemplates` and `listIsos` APIs for the Domain Admin and Resource Admin roles, for example with a deny rule on those roles through CloudStack's dynamic role permissions (the Roles section of the UI, or the `createRolePermission` API with `permission=deny`). Note that this also blocks legitimate template and ISO listing for those roles, which breaks VM deployment from the UI for them, so it is a stopgap only. Reviewing the API access log for `listTemplates`/`listIsos` calls that pair `domainid` with a `self` or `selfexecutable` filter from non-ROOT accounts helps determine whether the issue was probed before the fix.
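The following script is an added example (not part of the original advisory or of the CloudStack project) that applies the check described above to API access-log lines: it flags `listTemplates`/`listIsos` calls carrying `domainid` together with a `self` or `selfexecutable` filter when the caller is not a known ROOT-domain admin account. The log line layout, the sample lines, and the set of account ids treated as ROOT admins are all assumptions of this example; adapt the regex and the account set to your deployment's `api-server.log` before relying on it.

```python
"""Flag CVE-2025-30675-style probing in CloudStack API access-log lines.

Pattern looked for: listTemplates / listIsos called with `domainid` plus a
`self` / `selfexecutable` filter by an account that is not a ROOT-domain
admin. The access-line layout matched below approximates CloudStack's
api-server.log and is an assumption of this example, as is the default set
of ROOT-admin account ids (a fresh install normally has the ROOT "admin"
account as id 2; verify against your own database).
"""
import re
from urllib.parse import parse_qs

# The filter parameter name differs per API.
FILTER_PARAM = {"listtemplates": "templatefilter", "listisos": "isofilter"}
SUSPICIOUS_FILTERS = {"self", "selfexecutable"}

# Assumed line shape (approximate api-server.log access line):
#   <ts> INFO [a.c.c.a.ApiServer] (...) (logid:...) (userId=U accountId=A sessionId=S) IP -- GET <query> <status> ...
LINE_RE = re.compile(
    r"\(userId=(?P<user>\d+) accountId=(?P<account>\d+)[^)]*\)\s+"
    r"(?P<ip>\S+) -- (?P<method>GET|POST) (?P<query>\S+)"
)


def parse_access_line(line):
    """Return the caller ids, source IP and decoded query of one access line, or None."""
    m = LINE_RE.search(line)
    if not m:
        return None
    # Lower-case parameter names; CloudStack treats them case-insensitively.
    params = {
        k.lower(): v[0]
        for k, v in parse_qs(m.group("query"), keep_blank_values=True).items()
    }
    return {
        "user": int(m.group("user")),
        "account": int(m.group("account")),
        "ip": m.group("ip"),
        "params": params,
    }


def is_cross_domain_probe(req, root_admin_accounts):
    """True when the request matches the advisory's pattern from a non-ROOT-admin account."""
    cmd = req["params"].get("command", "").lower()
    if cmd not in FILTER_PARAM:
        return False
    if req["account"] in root_admin_accounts:
        return False  # ROOT admins legitimately scope these calls by domainid
    if "domainid" not in req["params"]:
        return False  # without domainid the self filters stay within the caller's scope
    return req["params"].get(FILTER_PARAM[cmd], "").lower() in SUSPICIOUS_FILTERS


def find_probes(lines, root_admin_accounts=frozenset({2})):
    """Scan log lines and return one finding per matching request."""
    findings = []
    for line in lines:
        req = parse_access_line(line)
        if req and is_cross_domain_probe(req, root_admin_accounts):
            findings.append({
                "user": req["user"],
                "account": req["account"],
                "ip": req["ip"],
                "command": req["params"]["command"],
                "domainid": req["params"]["domainid"],
            })
    return findings


# Constructed sample log lines (not real data): account 2 is the assumed ROOT
# admin, account 27 is a domain admin in a child domain.
SAMPLE_LOG = """\
2025-04-01 09:12:01,118 INFO  [a.c.c.a.ApiServer] (qtp-12:ctx-1a) (logid:aa11) (userId=2 accountId=2 sessionId=n0) 10.0.0.5 -- GET command=listTemplates&templatefilter=self&domainid=0d1b3c6e-root&response=json 200
2025-04-01 09:12:07,402 INFO  [a.c.c.a.ApiServer] (qtp-12:ctx-2b) (logid:aa12) (userId=31 accountId=27 sessionId=n1) 10.0.8.14 -- GET command=listTemplates&templatefilter=self&domainid=0d1b3c6e-root&response=json 200
2025-04-01 09:12:09,771 INFO  [a.c.c.a.ApiServer] (qtp-12:ctx-3c) (logid:aa13) (userId=31 accountId=27 sessionId=n1) 10.0.8.14 -- GET command=listIsos&isofilter=selfexecutable&domainid=0d1b3c6e-root&response=json 200
2025-04-01 09:12:15,003 INFO  [a.c.c.a.ApiServer] (qtp-12:ctx-4d) (logid:aa14) (userId=31 accountId=27 sessionId=n1) 10.0.8.14 -- GET command=listTemplates&templatefilter=featured&response=json 200
2025-04-01 09:12:20,555 INFO  [a.c.c.a.ApiServer] (qtp-12:ctx-5e) (logid:aa15) (userId=31 accountId=27 sessionId=n1) 10.0.8.14 -- GET command=listVirtualMachines&domainid=0d1b3c6e-root&response=json 200
"""

if __name__ == "__main__":
    for f in find_probes(SAMPLE_LOG.splitlines()):
        print(f"account {f['account']} (user {f['user']}) from {f['ip']}: "
              f"{f['command']} with domainid={f['domainid']}")
```

On the constructed sample the scan reports the two requests from account 27 (one `listTemplates`, one `listIsos`) and ignores the ROOT admin's call, the `featured` listing without `domainid`, and the unrelated `listVirtualMachines` call. After upgrading to a fixed release the same request shape is harmless because the server limits results to the caller's scope, so hits from before the upgrade are the ones worth investigating.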