Empowering Excellence: ShapeBlue’s Commitment to Employee Ownership
At ShapeBlue, our employees are not just our workforce – they are our partners in success. We have built our organisational culture around core values of empowerment, ownership and responsibility, openness, honesty and fairness, and creating value through our work. Our commitment to these principles forms the foundation of our employee ownership model, fostering a […]
ShapeBlue Team Members will be presenting at the CloudStack European User Group 2024
The ShapeBlue team is excited about the upcoming CloudStack European User Group 2024, scheduled for September 19th in Frankfurt. Hosted by proIO, a leading German Private Cloud and Managed Hosting Provider, this event will feature a day of insightful CloudStack-focus presentations. We are excited to see ShapeBlue CEO, Giles Sirett and Technical Marketing Manager, Marco […]
ShapeBlue Security Advisory: Apache CloudStack Security Releases 4.18.2.3 and 4.19.1.1
The Apache CloudStack project has announced an advisory against CVE-2024-42062 and CVE-2024-42222, both of severity rating ‘critical’, explained below. CVE-2024-42062: User Key Exposure to Domain Admins CloudStack account-users by default use username and password based authentication for API and UI access. Account-users can generate and register randomised API and secret keys and use them for the […]
ShapeBlue Security Advisory: Apache CloudStack CVE-2024-41107 SAML Signature Exclusion
The Apache CloudStack project has announced an advisory against CVE-2024-41107 that affects CloudStack SAML users, of severity ‘important’ explained below. CVE-2024-41107: SAML Signature Exclusion The CloudStack SAML authentication (disabled by default) does not enforce signature check. In CloudStack environments where SAML authentication is enabled, an attacker that initiates CloudStack SAML single sign-on authentication can bypass […]
ShapeBlue Invites IaaS Builders, Cloud Providers and MSPs to Join Us at the Largest CloudStack Event in Madrid
As always, ShapeBlue is proud to announce that for another year we support the CloudStack Collaboration Conference – the premier event for the global CloudStack community. This year’s conference will occur from November 20-22 in the vibrant city of Madrid, Spain, at the Orense34 conference center. It promises to be the largest and most engaging […]
ShapeBlue Security Advisory: Apache CloudStack Security Releases 4.18.2.1 and 4.19.0.2
The Apache CloudStack project has announced an advisory against CVE-2024-38346 and CVE-2024-39864, both of severity rating ‘important’, explained below. CVE-2024-38346: Unauthenticated cluster service port leads to remote execution The CloudStack cluster service runs on unauthenticated port (default 9090) that can be misused to run arbitrary commands on targeted hypervisors and CloudStack management server hosts. Some of […]
ShapeBlue Con 2024 Roundup
From May 13-17, the ShapeBlue team gathered once again in the stunning Lake District, UK, for ShapeBlue Con 2024. This annual get-together is a highlight of our year, providing an opportunity for us to connect in person, brainstorm new ideas, and strengthen our bonds. For a team that works mostly remotely, these face-to-face events are […]
ShapeBlue, the CloudStack company, announces a strategic partnership with proIO to deliver private cloud services in Germany
ShapeBlue, a leader in delivering CloudStack engineering services and support, announces a partnership with proIO, a German Private Cloud Provider empowering SMBs across various industries through its Infrastructure-as-a-Service and Managed Hosting solutions. This collaboration marks a new milestone in advancing cloud infrastructure solutions and support for organizations in the region, implementing Apache CloudStack as their […]
ShapeBlue Security Advisory : Apache CloudStack Security Releases 4.18.1.1 and 4.19.0.1
Overview Apache CloudStack project has issued an advisory against the following CVEs: CVE-2024-29006: x-forwarded-for HTTP header parsed by default Severity: moderate Description: By default the CloudStack management server honours the x-forwarded-for HTTP header and logs it as the source IP of an API request. This could lead to authentication bypass and other operational problems should […]
ShapeBlue Supporting the Apache CloudStack Community at CloudFest
CloudFest is the #1 internet infrastructure event in the world, connecting the global cloud computing industry. By attending CloudFest, you’ll form the partnerships that help you reach your business goals, and have a great time doing so. CloudFest returns to deliver an even bigger, more engaging live event experience that will surprise longtime attendees and […]
