Security Advisory

CVE-2020-21994

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-28 14:50:56

Last updated 2024-08-04 14:30:33

Assigner mitre

State PUBLISHED

Description

AVE DOMINAplus <=1.10.x suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/authClients.xml and obtain administrative login information that allows for a successful authentication bypass attack.

← Browse all CVEs View on cve.org ↗