Security Advisory

CVE-2025-64349

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-31 18:31:42

Last updated 2025-12-02 14:55:52

Assigner cisa-cg

State PUBLISHED

Description

ELOG allows an authenticated user to modify another users profile. An attacker can edit a target users email address, then request a password reset, and take control of the target account. By default, ELOG is not configured to allow self-registration.

← Browse all CVEs View on cve.org ↗