Security Advisory

CVE-2024-38446

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-17 00:00:00

Last updated 2024-11-07 16:01:16

Assigner mitre

State PUBLISHED

Description

NATO NCI ANET 3.4.1 mishandles report ownership. A user can create a report and, despite the restrictions imposed by the UI, change the author of that report to an arbitrary user (without their consent or knowledge) via a modified UUID in a POST request.

← Browse all CVEs View on cve.org ↗