Security Advisory

CVE-2026-24455

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-20 16:00:42

Last updated 2026-02-20 20:01:11

Assigner icscert

State PUBLISHED

Description

The embedded web interface of the device does not support HTTPS/TLS for authentication and uses HTTP Basic Authentication. Traffic is encoded but not encrypted, exposing user credentials to passive interception by attackers on the same network.

← Browse all CVEs View on cve.org ↗