Security Advisory

CVE-2025-3722

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-26 11:08:53

Last updated 2025-06-26 12:59:09

Assigner trellix

State PUBLISHED

Description

A path traversal vulnerability in System Information Reporter (SIR) 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and exposing sensitive information disclosure.

← Browse all CVEs View on cve.org ↗