Security Advisory

CVE-2019-18181

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-12-19 18:17:06

Last updated 2024-08-05 01:47:13

Assigner mitre

State PUBLISHED

Description

In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only access to take actions that are otherwise restricted in the GUI.

← Browse all CVEs View on cve.org ↗