Security Advisory

CVE-2020-25844

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-31 07:45:46

Last updated 2024-09-16 16:53:50

Assigner twcert

State PUBLISHED

Description

The digest generation function of NHIServiSignAdapter has not been verified for parameter’s length, which leads to a stack overflow loophole. Remote attackers can use the leak to execute code without privilege.

← Browse all CVEs View on cve.org ↗