Security Advisory

CVE-2024-27113

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-09-11 13:41:16

Last updated 2025-03-11 13:38:34

Assigner DIVD

State PUBLISHED

Description

An unauthenticated Insecure Direct Object Reference (IDOR) to the database has been found in the SO Planning tool that occurs when the public view setting is enabled. An attacker could use this vulnerability to gain access to the underlying database by exporting it as a CSV file. The vulnerability has been remediated in version 1.52.02.

← Browse all CVEs View on cve.org ↗