Vulnerability Details CVE-2013-4317
In Apache CloudStack 4.1.0 and 4.1.1, when calling the CloudStack API call listProjectAccounts as a regular, non-administrative user, the user is able to see information for accounts other than their own.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.2%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.0
Products affected by CVE-2013-4317
-
cpe:2.3:a:apache:cloudstack:4.1.0
-
cpe:2.3:a:apache:cloudstack:4.1.1