Security Advisory

CVE-2024-11220

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-12-06 17:45:51

Last updated 2024-12-06 20:43:08

Assigner icscert

State PUBLISHED

Description

A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. Any code within the rdlx file of the report executes with SYSTEM privileges, resulting in privilege escalation.

← Browse all CVEs View on cve.org ↗