CVE-2025-30675

In Apache CloudStack, a flaw in access control affects the listTemplates and listIsos APIs. A malicious Domain Admin or Resource Admin can exploit this issue by intentionally specifying the &amp;#39;domainid&amp;#39; parameter along with the &amp;#39;filter=self&amp;#39; or &amp;#39;filter=selfexecutable&amp;#39; values. This allows the attacker to gain unauthorized visibility into templates and ISOs under the ROOT domain.<br /> <br /> A malicious admin can enumerate and extract metadata of templates and ISOs that belong to unrelated domains, violating isolation boundaries and potentially exposing sensitive or internal configuration details. <br /> <br /> This vulnerability has been fixed by ensuring the domain resolution strictly adheres to the caller&amp;#39;s scope rather than defaulting to the ROOT domain.<br /> <br /> <br /> <br /> <br /> Affected users are recommended to upgrade to Apache CloudStack 4.19.3.0 or 4.20.1.0.