[ https://issues.apache.org/jira/browse/CLOUDSTACK-9705?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15891965#comment-15891965 ]
ASF GitHub Bot commented on CLOUDSTACK-9705: -------------------------------------------- Github user anshul1886 commented on the issue: https://github.com/apache/cloudstack/pull/1865 @koushik-das, This method is there so that it only gets called when the call is made through 8096 port. Other parameters processing is done at common place. > Unauthenticated API allows Admin password reset > ----------------------------------------------- > > Key: CLOUDSTACK-9705 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9705 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Reporter: Anshul Gangwar > Assignee: Anshul Gangwar > > The "unauthenticated API" allows a caller to reset CloudStack administrator > passwords. This presents a security risk becaues it allows for privilege > escallation attacks. First, if the unauthenticated API is listening on the > network (instead of locally) then any user on the network can reset admin > passwords. If, the API is only listening locally, then any user with access > to the local box can resset admin passwords. This would allow them to access > other hosts within the cloudstack deployment. > While it may be important to provide a recovery mechanism for admin passwords > that have been lost or hyjacked, such a solution needs to be secure. We > should either remove this feature from the Unauthenticated API, or provide a > solution that is less open to abuse. -- This message was sent by Atlassian JIRA (v6.3.15#6346)