Security Advisory

CVE-2025-66573

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-04 20:45:13

Last updated 2026-05-28 14:49:28

Assigner VulnCheck

State PUBLISHED

Description

Solstice Pod API (version 5.5, 6.2) contains an unauthenticated API endpoint (`/api/config`) that exposes sensitive information such as the session key, server version, product details, and display name. Unauthorized users can extract live session information by accessing this endpoint without authentication.

← Browse all CVEs View on cve.org ↗