Security Advisory

CVE-2022-2105

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-24 15:00:31

Last updated 2025-04-16 16:16:16

Assigner icscert

State PUBLISHED

Description

Client-side JavaScript controls may be bypassed to change user credentials and permissions without authentication, including a “root” user level meant only for the vendor. Web server root level access allows for changing of safety critical parameters.

← Browse all CVEs View on cve.org ↗