Apache · Apache Cloudstack · CVE-2014-0031
**Name of the Vulnerable Software and Affected Versions**
Apache CloudStack versions prior to 4.2.1
**Description**
The issue affects the ListNetworkACL and listNetworkACLLists APIs, allowing remote authenticated users to list network ACLs for other users via a crafted request.
**Recommendations**
For versions prior to 4.2.1, update to version 4.2.1 or later to resolve the issue.