John Kinsella

**Name of the Vulnerable Software and Affected Versions** Apache CloudStack versions prior to 4.5.2 **Description** The issue allows remote attackers to gain access by connecting to the VNC server due to improper preservation of VNC passwords when migrating KVM virtual machines. **Recommendations** For versions prior to 4.5.2, update to version 4.5.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the VNC server to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Apache CloudStack versions prior to 4.2.1 **Description** The issue allows remote attackers to bypass intended restrictions in firewall rules after the virtual router has been restarted, due to the failure of preserving source restrictions. **Recommendations** For versions prior to 4.2.1, update to version 4.2.1 or later to resolve the issue.