Security Advisory

CVE-2021-41301

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-30 10:41:06

Last updated 2024-09-16 16:53:19

Assigner twcert

State PUBLISHED

Description

ECOA BAS controller is vulnerable to configuration disclosure when direct object reference is made to the specific files using an HTTP GET request. This will enable the unauthenticated attacker to remotely disclose sensitive information and help her in authentication bypass, privilege escalation and full system access.

← Browse all CVEs View on cve.org ↗