CVE-2019-17562: Improper Input Validation

May 14, 2020 (updated May 19, 2020)

A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. The vulnerability is due to the lack of validation of the mac parameter in baremetal virtual router. If you insert an arbitrary shell command into the mac parameter, v-router will process the command.

References

nvd.nist.gov/vuln/detail/CVE-2019-17562

Detect and mitigate CVE-2019-17562 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →