Security Advisory

CVE-2024-9953

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-14 21:19:26

Last updated 2025-03-20 18:58:47

Assigner certcc

State PUBLISHED

Description

A potential denial-of-service (DoS) vulnerability exists in CERT VINCE software versions prior to 3.0.8. An authenticated administrative user can inject an arbitrary pickle object into a user’s profile, which may lead to a DoS condition when the profile is accessed. While the Django server restricts unpickling to prevent server crashes, this vulnerability could still disrupt operations.

← Browse all CVEs View on cve.org ↗