Security Advisory

CVE-2023-41089

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-19 18:13:25
Last updated 2024-09-12 17:54:32
Assigner icscert
State PUBLISHED

Description

The affected product is vulnerable to an improper authentication vulnerability, which may allow an attacker to impersonate a legitimate user as long as the device keeps the session active, since the attack takes advantage of the cookie header to generate "legitimate" requests.