Security Advisory

CVE-2022-30290

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-07-05 12:43:40

Last updated 2024-08-03 06:48:34

Assigner mitre

State PUBLISHED

Description

In OpenCTI through 5.2.4, a broken access control vulnerability has been identified in the profile endpoint. An attacker can abuse the identified vulnerability in order to arbitrarily change their registered e-mail address as well as their API key, even though such action is not possible through the interface, legitimately.

← Browse all CVEs View on cve.org ↗