1. Home
  2. CVE Database
  3. CVE-2025-69233
MEDIUM · 6.5

CVE-2025-69233

Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limit...

Vulnerability Description

Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limits configured for their accounts/domains. This can be used by an attacker to degrade the infrastructure's resources and lead to denial of service conditions. Users are recommended to upgrade to Apache CloudStack versions 4.20.3.0 or 4.22.0.1, or later, which fixes this issue.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
ApacheCloudstack>= 4.0.0, < 4.20.3.0

Related Weaknesses (CWE)

CWE-770CWE-367

References

FAQ

What is CVE-2025-69233?

CVE-2025-69233 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limit...

How severe is CVE-2025-69233?

CVE-2025-69233 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-69233?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Cloudstack.