Security Advisory

CVE-2025-30038

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-27 10:20:35

Last updated 2025-08-27 16:11:57

Assigner CERT-PL

State PUBLISHED

Description

The vulnerability consists of a session ID leak when saving a file downloaded from CGM CLININET. The identifier is exposed through a built-in Windows security feature that stores additional metadata in an NTFS alternate data stream (ADS) for all files downloaded from potentially untrusted sources.

← Browse all CVEs View on cve.org ↗