Security Advisory

CVE-2024-10953

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-09 00:42:55

Last updated 2025-10-14 19:03:41

Assigner AMZN

State PUBLISHED

Description

An authenticated data.all user is able to perform mutating UPDATE operations on persisted Notification records in data.all for group notifications that their user is not a member of.

← Browse all CVEs View on cve.org ↗