security/index.html - cloudstack-www - Git at Google

 <!doctype html>
 <html lang="en" dir="ltr" class="mdx-wrapper mdx-page plugin-pages plugin-id-default" data-has-hydrated="false">
 <head>
 <meta charset="UTF-8">
 <meta name="generator" content="Docusaurus v2.4.3">
 <title data-rh="true">Apache CloudStack Security | Apache CloudStack</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://cloudstack.apache.org/security"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docusaurus_tag" content="default"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docsearch:docusaurus_tag" content="default"><meta data-rh="true" property="og:title" content="Apache CloudStack Security | Apache CloudStack"><meta data-rh="true" name="description" content="Apache CloudStack: Security"><meta data-rh="true" property="og:description" content="Apache CloudStack: Security"><link data-rh="true" rel="icon" href="/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://cloudstack.apache.org/security"><link data-rh="true" rel="alternate" href="https://cloudstack.apache.org/security" hreflang="en"><link data-rh="true" rel="alternate" href="https://cloudstack.apache.org/security" hreflang="x-default"><link rel="alternate" type="application/rss+xml" href="/blog/rss.xml" title="Apache CloudStack RSS Feed">
 <link rel="alternate" type="application/atom+xml" href="/blog/atom.xml" title="Apache CloudStack Atom Feed">


 <script src="scripts/bootstrap.bundle.min.js" async></script><link rel="stylesheet" href="/assets/css/styles.e659e3aa.css">
 <link rel="preload" href="/assets/js/runtime~main.0c9c84e6.js" as="script">
 <link rel="preload" href="/assets/js/main.07521be4.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
 <script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()||function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
 <div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a class="navbar__brand" href="/"><div class="navbar__logo"><img src="/img/navlogo.png" alt="apache-cloudstack" class="themedImage_ToTc themedImage--light_HNdA"><img src="/img/navlogo.png" alt="apache-cloudstack" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate"></b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">About</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/about">About</a></li><li><a class="dropdown__link" href="/history">History</a></li><li><a class="dropdown__link" href="/features">Features</a></li><li><a class="dropdown__link" href="/who">Who We Are</a></li><li><a class="dropdown__link" href="/bylaws">Community Bylaws</a></li><li><a class="dropdown__link" href="/trademark-guidelines">Trademark Guidelines</a></li><li><a class="dropdown__link" href="/security">Security</a></li></ul></div><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">Community</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/contribute">Get Involved</a></li><li><a class="dropdown__link" href="/developers">Developer Resources</a></li><li><a class="dropdown__link" href="/mailing-lists">Join Mailing Lists</a></li><li><a href="https://github.com/apache/cloudstack/issues" target="_blank" rel="noopener noreferrer" class="dropdown__link">Issues Tracker<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li><li><a href="https://join.slack.com/t/apachecloudstack/shared_invite/zt-1u8qwbivp-u16HRI~LWioLmF1G2D3Iyg" target="_blank" rel="noopener noreferrer" class="dropdown__link">Community Slack<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li><li><a class="dropdown__link" href="/events">Events and Meetups</a></li><li><a href="https://www.cloudstackcollab.org/" target="_blank" rel="noopener noreferrer" class="dropdown__link">Collab Conference<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li></ul></div><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">Use Cases</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/cloud-builders">Cloud Builders</a></li><li><a class="dropdown__link" href="/kubernetes">Kubernetes</a></li><li><a class="dropdown__link" href="/integrations">Integrations</a></li></ul></div><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">Users</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/users">Known Users</a></li><li><a class="dropdown__link" href="/blog/tags/case-studies">Case Studies</a></li><li><a href="https://docs.google.com/forms/d/e/1FAIpQLScPHIRetdt-pxPT62IesXMoQUmhQ8ATGKcYZa507mB9uwzn-Q/viewform" target="_blank" rel="noopener noreferrer" class="dropdown__link">Take Survey<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li></ul></div><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">Documentation</a><ul class="dropdown__menu"><li><a href="https://docs.cloudstack.apache.org" target="_blank" rel="noopener noreferrer" class="dropdown__link">CloudStack Documentation<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li><li><a href="https://cwiki.apache.org/confluence/display/CLOUDSTACK/Home" target="_blank" rel="noopener noreferrer" class="dropdown__link">Project Wiki<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li><li><a href="https://cwiki.apache.org/confluence/display/CLOUDSTACK/CloudStack+Books" target="_blank" rel="noopener noreferrer" class="dropdown__link">CloudStack Books<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li><li><a class="dropdown__link" href="/api/">API Documentation</a></li></ul></div><a class="navbar__item navbar__link" href="/downloads">Download</a><a class="navbar__item navbar__link" href="/blog">Blog</a><a href="https://github.com/apache/cloudstack" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="searchBox_ZlJk"><div class="navbar__search searchBarContainer_NW3z"><input placeholder="Search" aria-label="Search" class="navbar__search-input"><div class="loadingRing_RJI3 searchBarLoadingRing_YnHq"><div></div><div></div><div></div><div></div></div><div class="searchHintContainer_Pkmr"><kbd class="searchHint_iIMx">ctrl</kbd><kbd class="searchHint_iIMx">K</kbd></div></div></div><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">ASF</a><ul class="dropdown__menu"><li><a href="https://www.apache.org/" target="_blank" rel="noopener noreferrer" class="dropdown__link">Foundation</a></li><li><a href="https://www.apache.org/licenses/" target="_blank" rel="noopener noreferrer" class="dropdown__link">License</a></li><li><a href="https://www.apache.org/events/current-event" target="_blank" rel="noopener noreferrer" class="dropdown__link">Events</a></li><li><a href="https://www.apache.org/foundation/sponsorship.html" target="_blank" rel="noopener noreferrer" class="dropdown__link">Sponsorship</a></li><li><a href="https://www.apache.org/foundation/policies/privacy.html" target="_blank" rel="noopener noreferrer" class="dropdown__link">Privacy</a></li><li><a href="https://www.apache.org/foundation/thanks.html" target="_blank" rel="noopener noreferrer" class="dropdown__link">Thanks</a></li></ul></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0"><main class="container container--fluid margin-vert--lg"><div class="row mdxPageWrapper_j9I6"><div class="col col--8"><article><h1>Apache CloudStack: Security</h1><h2>Security Model</h2><p>The Apache CloudStack project understands that as a core infrastructure project,
 the application security of Apache CloudStack is of critical importance to the
 community and users.</p><p>It is important to know that the project can not guarantee that it will be secure with
 the following usages:</p><ul><li>share access to the DataBase</li><li>share database dumps or other forms of backups</li><li>share log files</li><li>use any of <a href="/integrations">the third party integration components</a>, that are meant for monitoring, storage, network and more.</li></ul><p>In addition to that, it is your own responsibility, as an operator to</p><ul><li>protect against DoS and brute-force attacks.</li><li>provide full fledged monitoring. Though some facilities are provided, putting appropriate monitoring remains the ultimate responsibility of the operator.</li><li>ensure the security and integrity, including safeguarding them against unauthorized external access of critical cloud resources. These include, but are not limited to OS level access to Hosts, Management Servers, SystemVMs and routers.</li><li>make sure scripts and executables added as custom integrations in the extensions framework, are safe to use.</li></ul><p>That all said, the project will work with any one on improving the secure
 use of the software it provides, with any 3rd party integration
 vendors or users of the software. This can be done on public GitHub
 issues or confidentially if so desired.</p><h2>Reporting Potential Vulnerabilities in Apache CloudStack</h2><p>If you&#x27;ve found an issue that you believe is a security vulnerability in a
 released version of CloudStack, please report it to the <a href="https://www.apache.org/security/" target="_blank" rel="noopener noreferrer">ASF security
 team</a> via email to
 <a href="mailto:security@apache.org" target="_blank" rel="noopener noreferrer">security@apache.org</a> with details about the
 vulnerability, how it might be exploited, and any additional information that
 might be useful.</p><p>Upon notification, the ASF security team will work with the CloudStack PMC
 through validation and fixing the issue. If the issue is validated, it generally
 takes 2-4 weeks from notification to public announcement of the vulnerability.
 During this time, the team will communicate with you as they proceed through the
 response procedure, and ask that the issue not be announced before an
 agreed-upon date.</p><p><strong>Please do not create publicly-viewable JIRA tickets related to the issue</strong>. If
 validated, a JIRA ticket with the security flag set will be created for tracking
 the issue in a non-public manner, and made public at the appropriate time.</p><h2>Procedure for Responding to Potential Security Issues</h2><p>We follow the Apache Security Team&#x27;s procedures documented
 <a href="https://www.apache.org/security/committers.html" target="_blank" rel="noopener noreferrer">here</a>.</p><h2>For further information</h2><p>Further information about Apache CloudStack&#x27;s security practices can be found in
 the <a href="https://cwiki.apache.org/confluence/display/CLOUDSTACK/CloudStack+Security" target="_blank" rel="noopener noreferrer">CloudStack Security wiki
 page</a>.</p></article></div></div></main></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="margin-bottom--sm"><a href="https://cloudstack.apache.org/" rel="noopener noreferrer" class="footerLogoLink_BH7S"><img src="/img/ACS_logo_slogan.svg" alt="Apache CloudStack logo" class="themedImage_ToTc themedImage--light_HNdA footer__logo"><img src="/img/ACS_logo_slogan.svg" alt="Apache CloudStack logo" class="themedImage_ToTc themedImage--dark_i4oU footer__logo"></a></div><div class="footer__copyright">
             <div class="social">
                 <a href="mailto:dev-subscribe@cloudstack.apache.org">
 		  <img src="/img/mail_mini_icon.svg" alt="">
 		</a>
                 <a href="mailto:users@cloudstack.apache.org?subject=Request%20to%20join%20Slack%20community&body=Thanks,%0A%0ARegards." target="_blank">
 		  <img src="/img/slack_mini_icon.svg" alt="">
 		</a>
                 <a href="https://github.com/apache/cloudstack" target="_blank">
 		  <img src="/img/git_mini_icon.svg" alt="">
 		</a>
                 <a href="https://twitter.com/CloudStack" target="_blank">
 		  <img src="/img/twitter_X_mini_icon.svg" alt="">
 		</a>
                 <a href="https://www.reddit.com/r/ApacheCloudStack/" target="_blank">
 		  <img src="/img/reddit_icon.svg" alt="">
 		</a>
                 <a href="https://www.youtube.com/@ApacheCloudStack" target="_blank">
 		  <img src="/img/youtube_mini_icon.svg" alt="">
 		</a>
                 <a href="https://www.linkedin.com/company/apachecloudstack/posts/" target="_blank">
 		  <img src="/img/linkedin_icon.svg" alt="">
 		</a>
             </div>
             <div class="footer-bottom">Copyright © 2012  - 2026 The Apache
 Software Foundation, Licensed under the Apache License, Version 2.0.
 “Apache”, “CloudStack”, “Apache CloudStack”, the Apache CloudStack logo,
  the Apache CloudStack Cloud Monkey logo and the Apache feather logos
 are registered trademarks or trademarks of The Apache Software
 Foundation.
             <p class="footer-blue"><a href="/trademark-guidelines">Apache CloudStack Trademark Usage</a> - <a href="/bylaws">Apache CloudStack Community ByLaws</a> - <a href="https://github.com/apache/cloudstack-www">Website Source Code</a></p></div>
             </div>
           <br>
           </div></div></footer></div>
 <script src="/assets/js/runtime~main.0c9c84e6.js"></script>
 <script src="/assets/js/main.07521be4.js"></script>
 </body>
 </html>
	<!doctype html>
	<html lang="en" dir="ltr" class="mdx-wrapper mdx-page plugin-pages plugin-id-default" data-has-hydrated="false">
	<head>
	<meta charset="UTF-8">
	<meta name="generator" content="Docusaurus v2.4.3">
	<title data-rh="true">Apache CloudStack Security \| Apache CloudStack</title><meta data-rh="true" name="viewport" content="width=device-width,initial-scale=1"><meta data-rh="true" name="twitter:card" content="summary_large_image"><meta data-rh="true" property="og:url" content="https://cloudstack.apache.org/security"><meta data-rh="true" name="docusaurus_locale" content="en"><meta data-rh="true" name="docusaurus_tag" content="default"><meta data-rh="true" name="docsearch:language" content="en"><meta data-rh="true" name="docsearch:docusaurus_tag" content="default"><meta data-rh="true" property="og:title" content="Apache CloudStack Security \| Apache CloudStack"><meta data-rh="true" name="description" content="Apache CloudStack: Security"><meta data-rh="true" property="og:description" content="Apache CloudStack: Security"><link data-rh="true" rel="icon" href="/img/favicon.ico"><link data-rh="true" rel="canonical" href="https://cloudstack.apache.org/security"><link data-rh="true" rel="alternate" href="https://cloudstack.apache.org/security" hreflang="en"><link data-rh="true" rel="alternate" href="https://cloudstack.apache.org/security" hreflang="x-default"><link rel="alternate" type="application/rss+xml" href="/blog/rss.xml" title="Apache CloudStack RSS Feed">
	<link rel="alternate" type="application/atom+xml" href="/blog/atom.xml" title="Apache CloudStack Atom Feed">






	<script src="scripts/bootstrap.bundle.min.js" async></script><link rel="stylesheet" href="/assets/css/styles.e659e3aa.css">
	<link rel="preload" href="/assets/js/runtime~main.0c9c84e6.js" as="script">
	<link rel="preload" href="/assets/js/main.07521be4.js" as="script">
	</head>
	<body class="navigation-with-keyboard">
	<script>!function(){function t(t){document.documentElement.setAttribute("data-theme",t)}var e=function(){var t=null;try{t=new URLSearchParams(window.location.search).get("docusaurus-theme")}catch(t){}return t}()\|\|function(){var t=null;try{t=localStorage.getItem("theme")}catch(t){}return t}();t(null!==e?e:"light")}()</script><div id="__docusaurus">
	<div role="region" aria-label="Skip to main content"><a class="skipToContent_fXgn" href="#__docusaurus_skipToContent_fallback">Skip to main content</a></div><nav aria-label="Main" class="navbar navbar--fixed-top"><div class="navbar__inner"><div class="navbar__items"><button aria-label="Toggle navigation bar" aria-expanded="false" class="navbar__toggle clean-btn" type="button"><svg width="30" height="30" viewBox="0 0 30 30" aria-hidden="true"><path stroke="currentColor" stroke-linecap="round" stroke-miterlimit="10" stroke-width="2" d="M4 7h22M4 15h22M4 23h22"></path></svg></button><a class="navbar__brand" href="/"><div class="navbar__logo"><img src="/img/navlogo.png" alt="apache-cloudstack" class="themedImage_ToTc themedImage--light_HNdA"><img src="/img/navlogo.png" alt="apache-cloudstack" class="themedImage_ToTc themedImage--dark_i4oU"></div><b class="navbar__title text--truncate"></b></a></div><div class="navbar__items navbar__items--right"><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">About</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/about">About</a></li><li><a class="dropdown__link" href="/history">History</a></li><li><a class="dropdown__link" href="/features">Features</a></li><li><a class="dropdown__link" href="/who">Who We Are</a></li><li><a class="dropdown__link" href="/bylaws">Community Bylaws</a></li><li><a class="dropdown__link" href="/trademark-guidelines">Trademark Guidelines</a></li><li><a class="dropdown__link" href="/security">Security</a></li></ul></div><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">Community</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/contribute">Get Involved</a></li><li><a class="dropdown__link" href="/developers">Developer Resources</a></li><li><a class="dropdown__link" href="/mailing-lists">Join Mailing Lists</a></li><li><a href="https://github.com/apache/cloudstack/issues" target="_blank" rel="noopener noreferrer" class="dropdown__link">Issues Tracker<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li><li><a href="https://join.slack.com/t/apachecloudstack/shared_invite/zt-1u8qwbivp-u16HRI~LWioLmF1G2D3Iyg" target="_blank" rel="noopener noreferrer" class="dropdown__link">Community Slack<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li><li><a class="dropdown__link" href="/events">Events and Meetups</a></li><li><a href="https://www.cloudstackcollab.org/" target="_blank" rel="noopener noreferrer" class="dropdown__link">Collab Conference<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li></ul></div><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">Use Cases</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/cloud-builders">Cloud Builders</a></li><li><a class="dropdown__link" href="/kubernetes">Kubernetes</a></li><li><a class="dropdown__link" href="/integrations">Integrations</a></li></ul></div><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">Users</a><ul class="dropdown__menu"><li><a class="dropdown__link" href="/users">Known Users</a></li><li><a class="dropdown__link" href="/blog/tags/case-studies">Case Studies</a></li><li><a href="https://docs.google.com/forms/d/e/1FAIpQLScPHIRetdt-pxPT62IesXMoQUmhQ8ATGKcYZa507mB9uwzn-Q/viewform" target="_blank" rel="noopener noreferrer" class="dropdown__link">Take Survey<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li></ul></div><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">Documentation</a><ul class="dropdown__menu"><li><a href="https://docs.cloudstack.apache.org" target="_blank" rel="noopener noreferrer" class="dropdown__link">CloudStack Documentation<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li><li><a href="https://cwiki.apache.org/confluence/display/CLOUDSTACK/Home" target="_blank" rel="noopener noreferrer" class="dropdown__link">Project Wiki<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li><li><a href="https://cwiki.apache.org/confluence/display/CLOUDSTACK/CloudStack+Books" target="_blank" rel="noopener noreferrer" class="dropdown__link">CloudStack Books<svg width="12" height="12" aria-hidden="true" viewBox="0 0 24 24" class="iconExternalLink_nPIU"><path fill="currentColor" d="M21 13v10h-21v-19h12v2h-10v15h17v-8h2zm3-12h-10.988l4.035 4-6.977 7.07 2.828 2.828 6.977-7.07 4.125 4.172v-11z"></path></svg></a></li><li><a class="dropdown__link" href="/api/">API Documentation</a></li></ul></div><a class="navbar__item navbar__link" href="/downloads">Download</a><a class="navbar__item navbar__link" href="/blog">Blog</a><a href="https://github.com/apache/cloudstack" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link header-github-link" aria-label="GitHub repository"></a><div class="searchBox_ZlJk"><div class="navbar__search searchBarContainer_NW3z"><input placeholder="Search" aria-label="Search" class="navbar__search-input"><div class="loadingRing_RJI3 searchBarLoadingRing_YnHq"><div></div><div></div><div></div><div></div></div><div class="searchHintContainer_Pkmr"><kbd class="searchHint_iIMx">ctrl</kbd><kbd class="searchHint_iIMx">K</kbd></div></div></div><div class="navbar__item dropdown dropdown--hoverable dropdown--right"><a href="#" aria-haspopup="true" aria-expanded="false" role="button" class="navbar__link">ASF</a><ul class="dropdown__menu"><li><a href="https://www.apache.org/" target="_blank" rel="noopener noreferrer" class="dropdown__link">Foundation</a></li><li><a href="https://www.apache.org/licenses/" target="_blank" rel="noopener noreferrer" class="dropdown__link">License</a></li><li><a href="https://www.apache.org/events/current-event" target="_blank" rel="noopener noreferrer" class="dropdown__link">Events</a></li><li><a href="https://www.apache.org/foundation/sponsorship.html" target="_blank" rel="noopener noreferrer" class="dropdown__link">Sponsorship</a></li><li><a href="https://www.apache.org/foundation/policies/privacy.html" target="_blank" rel="noopener noreferrer" class="dropdown__link">Privacy</a></li><li><a href="https://www.apache.org/foundation/thanks.html" target="_blank" rel="noopener noreferrer" class="dropdown__link">Thanks</a></li></ul></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0"><main class="container container--fluid margin-vert--lg"><div class="row mdxPageWrapper_j9I6"><div class="col col--8"><article><h1>Apache CloudStack: Security</h1><h2>Security Model</h2><p>The Apache CloudStack project understands that as a core infrastructure project,
	the application security of Apache CloudStack is of critical importance to the
	community and users.</p><p>It is important to know that the project can not guarantee that it will be secure with
	the following usages:</p><ul><li>share access to the DataBase</li><li>share database dumps or other forms of backups</li><li>share log files</li><li>use any of <a href="/integrations">the third party integration components</a>, that are meant for monitoring, storage, network and more.</li></ul><p>In addition to that, it is your own responsibility, as an operator to</p><ul><li>protect against DoS and brute-force attacks.</li><li>provide full fledged monitoring. Though some facilities are provided, putting appropriate monitoring remains the ultimate responsibility of the operator.</li><li>ensure the security and integrity, including safeguarding them against unauthorized external access of critical cloud resources. These include, but are not limited to OS level access to Hosts, Management Servers, SystemVMs and routers.</li><li>make sure scripts and executables added as custom integrations in the extensions framework, are safe to use.</li></ul><p>That all said, the project will work with any one on improving the secure
	use of the software it provides, with any 3rd party integration
	vendors or users of the software. This can be done on public GitHub
	issues or confidentially if so desired.</p><h2>Reporting Potential Vulnerabilities in Apache CloudStack</h2><p>If you've found an issue that you believe is a security vulnerability in a
	released version of CloudStack, please report it to the <a href="https://www.apache.org/security/" target="_blank" rel="noopener noreferrer">ASF security
	team</a> via email to
	<a href="mailto:security@apache.org" target="_blank" rel="noopener noreferrer">security@apache.org</a> with details about the
	vulnerability, how it might be exploited, and any additional information that
	might be useful.</p><p>Upon notification, the ASF security team will work with the CloudStack PMC
	through validation and fixing the issue. If the issue is validated, it generally
	takes 2-4 weeks from notification to public announcement of the vulnerability.
	During this time, the team will communicate with you as they proceed through the
	response procedure, and ask that the issue not be announced before an
	agreed-upon date.</p><p><strong>Please do not create publicly-viewable JIRA tickets related to the issue</strong>. If
	validated, a JIRA ticket with the security flag set will be created for tracking
	the issue in a non-public manner, and made public at the appropriate time.</p><h2>Procedure for Responding to Potential Security Issues</h2><p>We follow the Apache Security Team's procedures documented
	<a href="https://www.apache.org/security/committers.html" target="_blank" rel="noopener noreferrer">here</a>.</p><h2>For further information</h2><p>Further information about Apache CloudStack's security practices can be found in
	the <a href="https://cwiki.apache.org/confluence/display/CLOUDSTACK/CloudStack+Security" target="_blank" rel="noopener noreferrer">CloudStack Security wiki
	page</a>.</p></article></div></div></main></div><footer class="footer footer--dark"><div class="container container-fluid"><div class="footer__bottom text--center"><div class="margin-bottom--sm"><a href="https://cloudstack.apache.org/" rel="noopener noreferrer" class="footerLogoLink_BH7S"><img src="/img/ACS_logo_slogan.svg" alt="Apache CloudStack logo" class="themedImage_ToTc themedImage--light_HNdA footer__logo"><img src="/img/ACS_logo_slogan.svg" alt="Apache CloudStack logo" class="themedImage_ToTc themedImage--dark_i4oU footer__logo"></a></div><div class="footer__copyright">
	<div class="social">
	<a href="mailto:dev-subscribe@cloudstack.apache.org">
	<img src="/img/mail_mini_icon.svg" alt="">
	</a>
	<a href="mailto:users@cloudstack.apache.org?subject=Request%20to%20join%20Slack%20community&body=Thanks,%0A%0ARegards." target="_blank">
	<img src="/img/slack_mini_icon.svg" alt="">
	</a>
	<a href="https://github.com/apache/cloudstack" target="_blank">
	<img src="/img/git_mini_icon.svg" alt="">
	</a>
	<a href="https://twitter.com/CloudStack" target="_blank">
	<img src="/img/twitter_X_mini_icon.svg" alt="">
	</a>
	<a href="https://www.reddit.com/r/ApacheCloudStack/" target="_blank">
	<img src="/img/reddit_icon.svg" alt="">
	</a>
	<a href="https://www.youtube.com/@ApacheCloudStack" target="_blank">
	<img src="/img/youtube_mini_icon.svg" alt="">
	</a>
	<a href="https://www.linkedin.com/company/apachecloudstack/posts/" target="_blank">
	<img src="/img/linkedin_icon.svg" alt="">
	</a>
	</div>
	<div class="footer-bottom">Copyright © 2012 - 2026 The Apache
	Software Foundation, Licensed under the Apache License, Version 2.0.
	“Apache”, “CloudStack”, “Apache CloudStack”, the Apache CloudStack logo,
	the Apache CloudStack Cloud Monkey logo and the Apache feather logos
	are registered trademarks or trademarks of The Apache Software
	Foundation.
	<p class="footer-blue"><a href="/trademark-guidelines">Apache CloudStack Trademark Usage</a> - <a href="/bylaws">Apache CloudStack Community ByLaws</a> - <a href="https://github.com/apache/cloudstack-www">Website Source Code</a></p></div>
	</div>
	<br>
	</div></div></footer></div>
	<script src="/assets/js/runtime~main.0c9c84e6.js"></script>
	<script src="/assets/js/main.07521be4.js"></script>
	</body>
	</html>