Vulnerability Details CVE-2014-7807
Apache CloudStack 4.3.x before 4.3.2 and 4.4.x before 4.4.2 allows remote attackers to bypass authentication via a login request without a password, which triggers an unauthenticated bind.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.1%
CVSS Severity
CVSS v2 Score 5.0
References
Products affected by CVE-2014-7807
-
cpe:2.3:a:apache:cloudstack:4.3.0
-
cpe:2.3:a:apache:cloudstack:4.3.1
-
cpe:2.3:a:apache:cloudstack:4.4.0
-
cpe:2.3:a:apache:cloudstack:4.4.1