← Back

CVE-2024-38290

nvd nist
Published: Feb 27, 2025Modified: Jul 11, 2025

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploitability: 3.9 / Impact: 1.4
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

In XIQ-SE before 24.2.11, a server misconfiguration may allow user enumeration when specific conditions are met.

Affected (1)

Extremenetworks
1 product
Xiq Se
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Xiq Se
Before 24.2.11

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (1)

Source: cve@mitre.org
Vendor Advisory

Timeline

No history available yet.