PT-2024-28703 · Apache · CloudStack
Authors: Adam Pond +2
Published: 2024-07-05 · Updated: 2025-02-21
CVE-2024-39864
CVSS v3.1: 9.8 (Critical)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
CloudStack versions prior to 4.18.2.1
CloudStack versions prior to 4.19.0.2
Description
The CloudStack integration API service allows running its unauthenticated API server for internal portal integrations and testing purposes. Due to improper initialization logic, the integration API service listens on a random port when its port value is set to 0. An attacker with access to the CloudStack management network could scan and find the randomized integration API service port, exploiting it to perform unauthorized administrative actions and remote code execution on CloudStack managed hosts. This could result in the complete compromise of the confidentiality, integrity, and availability of CloudStack managed infrastructure.
Recommendations
For versions prior to 4.18.2.1, upgrade to version 4.18.2.1 or later.
For versions prior to 4.19.0.2, upgrade to version 4.19.0.2 or later.
As a temporary workaround, restrict network access on the CloudStack management server hosts to only essential ports.
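The description above says the integration API binds a random port when its port value is 0, and the workaround is to restrict the management host to essential ports. The following is an added example (not part of this advisory and not CloudStack project code) of a defender-side audit that a practitioner could run on a management host: it parses `ss -ltnp`-style output for listeners owned by the management server process that fall outside an expected port allowlist, and it classifies the integration API port setting so that a value of 0 is surfaced. The allowlist ports, the setting name `integration.api.port`, and the socket listing are assumptions or constructed sample data, not values taken from the advisory.

```python
"""Audit helper for CVE-2024-39864 (added example, not advisory/project code).

Flags management-server listeners on unexpected, non-loopback ports and
classifies the integration API port setting (0 = random port on affected
versions, per the advisory description).
"""
import re
from typing import Iterable

# Assumed allowlist of ports a CloudStack management host is expected to
# expose (example values for this demonstration; adjust per deployment).
EXPECTED_PORTS = {22, 8080, 8250, 8443, 9090}

# Constructed sample of `ss -ltnp` output; not a real capture.
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      100    0.0.0.0:8080        0.0.0.0:*         users:(("java",pid=1337,fd=45))
LISTEN 0      100    0.0.0.0:8250        0.0.0.0:*         users:(("java",pid=1337,fd=46))
LISTEN 0      100    0.0.0.0:41873       0.0.0.0:*         users:(("java",pid=1337,fd=47))
LISTEN 0      128    127.0.0.1:3306      0.0.0.0:*         users:(("mysqld",pid=900,fd=20))
"""

# Matches one LISTEN row: local address, port, owning process name and pid.
LINE_RE = re.compile(
    r"^LISTEN\s+\d+\s+\d+\s+(\S+):(\d+)\s+\S+\s+users:\(\(\"([^\"]+)\",pid=(\d+)"
)

LOOPBACK_PREFIXES = ("127.", "[::1]")


def parse_listeners(ss_output: str) -> list[dict]:
    """Parse `ss -ltnp` text into a list of {addr, port, proc, pid} records."""
    listeners = []
    for line in ss_output.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # header or a row without process info
        addr, port, proc, pid = m.groups()
        listeners.append({"addr": addr, "port": int(port), "proc": proc, "pid": int(pid)})
    return listeners


def unexpected_listeners(listeners: Iterable[dict],
                         expected: set[int] = EXPECTED_PORTS,
                         process: str = "java") -> list[dict]:
    """Return listeners of the management server process (assumed to run as
    `java`) that are bound on a non-loopback address and a port not in the
    allowlist. A randomly bound integration API port shows up here."""
    return [
        l for l in listeners
        if l["proc"] == process
        and l["port"] not in expected
        and not l["addr"].startswith(LOOPBACK_PREFIXES)
    ]


def integration_port_risk(setting_value: str) -> str:
    """Classify the value of the (assumed) `integration.api.port` global
    setting: 0 means the service binds a random port on affected versions."""
    try:
        port = int(setting_value)
    except ValueError:
        return "invalid"
    if port == 0:
        return "random-port"
    if not 1 <= port <= 65535:
        return "invalid"
    return "fixed"


if __name__ == "__main__":
    found = unexpected_listeners(parse_listeners(SAMPLE_SS_OUTPUT))
    for l in found:
        print(f"unexpected listener: {l['addr']}:{l['port']} ({l['proc']} pid {l['pid']})")
    print("integration.api.port=0 ->", integration_port_risk("0"))
```

On the constructed sample the audit reports the `java` listener on port 41873 as unexpected while leaving the loopback-only MySQL socket alone; in a real run, feed it the live `ss -ltnp` output and the current value of the setting, and treat any `random-port` result or unexpected listener as a signal to apply the upgrade and tighten host firewall rules to the allowlisted ports.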
Weakness types: Code Injection, Improper Initialization
Affected Products: CloudStack