Web GUI Vulnerability in Extreme Networks EXOS
CVE-2020-18305

8HIGH

Key Information:

Vendor: Extreme Networks
Status: Extremexos
Vendor: CVE Published:; 14 May 2024

🔔 Create Extreme Networks Vulnerability Alert

What is CVE-2020-18305?

A security weakness exists in the Web GUI of Extreme Networks EXOS prior to version 22.7 and earlier than version 30.2, which lacks adequate restrictions on URL access. This flaw can be exploited by attackers to gain unauthorized access to sensitive information or escalate their privileges. Proper measures should be implemented to mitigate risks associated with this vulnerability to protect organizational data and ensure system integrity.

References

https://gist.github.com/yasinyilmaz/1fe3fe58dd275edb77dcb...

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 14, 2024

JSON