Security Advisory

CVE-2024-45164

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-11-04 00:00:00

Last updated 2024-11-06 16:18:38

Assigner mitre

State PUBLISHED

Description

Akamai SIA (Secure Internet Access Enterprise) ThreatAvert, in SPS (Security and Personalization Services) before the latest 19.2.0 patch and Apps Portal before 19.2.0.3 or 19.2.0.20240814, has incorrect authorization controls for the Admin functionality on the ThreatAvert Policy page. An authenticated user can navigate directly to the /#app/intelligence/threatAvertPolicies URI and disable policy enforcement.

← Browse all CVEs View on cve.org ↗