Security Advisory

CVE-2024-11318

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-18 13:47:19

Last updated 2024-11-18 14:08:35

Assigner INCIBE

State PUBLISHED

Description

An IDOR (Insecure Direct Object Reference) vulnerability has been discovered in AbsysNet, affecting version 2.3.1. This vulnerability could allow a remote attacker to obtain the session of an unauthenticated user by brute-force attacking the session identifier on the "/cgi-bin/ocap/" endpoint.

← Browse all CVEs View on cve.org ↗