Unauthorized Access to Network ACLs in Apache CloudStack
CVE-2014-0031 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
The (1) ListNetworkACL and (2) listNetworkACLLists APIs in Apache CloudStack before 4.2.1 allow remote authenticated users to list network ACLS for other users via a crafted request.
Learn more about our Cis Benchmark Audit For Apache Http Server.