CVE-2025-26521 | Apache CloudStack prior 4.19.3.0/4.20.1.0 ProjectsA Service /tmp/cloud-config information disclosure

A vulnerability was found in Apache CloudStack. It has been rated as problematic. This issue affects some unknown processing of the file /tmp/cloud-config of the component ProjectsA Service. The manipulation leads to information disclosure.

The identification of this vulnerability is CVE-2025-26521. The attack can only be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More