Introduction

 
CloudStack console access is implemented as an AJAX application that runs on most popular browsers across various operating platforms. It inherits some common security implications of browser-based applications. This improvement mainly focuses on improving security against the following attacks, which are common to browser-based applications.

  • URL manipulation
  • replay by reusing a copied URL

...

A malicious user logs in to the CloudStack system and opens a valid console access session to a VM. The user can then use tools to learn the console startup URL and manipulate it to try to gain access to VMs that he/she does not have the privilege to view.

  

Design

 
To authenticate a valid console access request, the following authentication process is performed:

1) The user requests console access to a selected VM; the request is usually sent over HTTPS to the CloudStack management server

...

7) If access is granted, an internal console session to the hypervisor that hosts the VM is initiated, and the information is passed back to the console proxy VM through the same agent/management server channel

...

  • Use 128-bit AES encryption to replace the previous 64-bit DES encryption when generating the opaque token mentioned in step 2
  • Use the Java SecureRandom class to randomly generate the 128-bit encryption key on a per-installation basis.

Two hidden configuration variables are added to store the encryption key and the initialization vector (IV)

...
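The key handling described above, sketched as an added example that is not CloudStack's own code: a 128-bit key and IV are drawn from SecureRandom once, kept as two Base64 configuration values, and used to seal and open the opaque token. The class and method names, the token payload, and the choice of CBC mode with PKCS5 padding are assumptions; the page only states 128-bit AES with a stored key and IV.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added illustration: class, method and payload names are hypothetical, not CloudStack's.
public class ConsoleTokenExample {
    // Assumed mode and padding; the page only states 128-bit AES with a stored IV.
    private static final String TRANSFORM = "AES/CBC/PKCS5Padding";

    // 16 random bytes (128 bits), Base64-encoded so they fit a configuration value.
    static String newConfigValue(SecureRandom rng) {
        byte[] b = new byte[16];
        rng.nextBytes(b);
        return Base64.getEncoder().encodeToString(b);
    }

    static Cipher cipher(int mode, String keyB64, String ivB64) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(TRANSFORM);
        c.init(mode, new SecretKeySpec(Base64.getDecoder().decode(keyB64), "AES"),
                new IvParameterSpec(Base64.getDecoder().decode(ivB64)));
        return c;
    }

    // Encrypt the session details into a URL-safe opaque token.
    static String seal(String payload, String keyB64, String ivB64) throws GeneralSecurityException {
        byte[] ct = cipher(Cipher.ENCRYPT_MODE, keyB64, ivB64).doFinal(payload.getBytes(StandardCharsets.UTF_8));
        return Base64.getUrlEncoder().withoutPadding().encodeToString(ct);
    }

    // Decrypt a token. CBC carries no integrity tag, so the caller must still validate the result.
    static String open(String token, String keyB64, String ivB64) throws GeneralSecurityException {
        byte[] ct = Base64.getUrlDecoder().decode(token);
        return new String(cipher(Cipher.DECRYPT_MODE, keyB64, ivB64).doFinal(ct), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        String key = newConfigValue(rng), iv = newConfigValue(rng); // the two stored values
        String token = seal("vm=constructed-vm-id&host=constructed-host", key, iv); // constructed payload
        System.out.println("token in URL:   " + token);
        System.out.println("proxy decrypts: " + open(token, key, iv));
        boolean accepted;
        try { accepted = open(token, newConfigValue(rng), iv).startsWith("vm="); } // key of another installation
        catch (GeneralSecurityException e) { accepted = false; } // usual outcome: bad padding
        System.out.println("other key accepted: " + accepted);
    }
}
```

Decryption under a different key usually fails the padding check but can occasionally return garbage instead, which is why the last step also checks the payload format rather than relying on the exception alone.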