Security Advisory

CVE-2021-27963

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-03-05 01:37:36
Last updated 2024-08-03 21:33:17
Assigner mitre
State PUBLISHED

Description

SonLogger before 6.4.1 is affected by user creation with any user permissions profile (e.g., SuperAdmin). An anonymous user can send a POST request to /User/saveUser without any authentication or session header.