Security Advisory

CVE-2021-40066

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-16 11:18:27

Last updated 2024-08-04 02:27:31

Assigner NetMotion

State PUBLISHED

Description

The access controls on the Mobility read-only API improperly validate user access permissions. Attackers with both network access to the API and valid credentials can read data from it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v11.76 and Mobility v12.14.

← Browse all CVEs View on cve.org ↗