CVE Vulnerabilities

CVE-2020-18305

Improper Authentication

Published: May 14, 2024 | Modified: Jul 03, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

Extreme Networks EXOS before v.22.7 and before v.30.2 was discovered to contain an issue in its Web GUI which fails to restrict URL access, allowing attackers to access sensitive information or escalate privileges.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Potential Mitigations

References