Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3928.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Extremepacs |
|
No data.
References
| Link | Providers |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-24-0893 |
|
History
Tue, 14 Oct 2025 13:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-269 |
Tue, 14 Oct 2025 13:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Privilege Management vulnerability in Ekstrem Bir Bilgisayar Danismanlik Ic Ve Dis Ticaret Ltd. Sti. Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3928. | Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3928. |
| Title | Information Disclosure in ExtremePacs's Extreme XDS | IDOR in ExtremePacs's Extreme XDS |
| Weaknesses | CWE-639 CWE-862 |
Fri, 12 Sep 2025 07:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 12 Sep 2025 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
cvssV3_1
|
Fri, 30 Aug 2024 16:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Extremepacs
Extremepacs extreme Xds |
|
| Weaknesses | NVD-CWE-noinfo | |
| CPEs | cpe:2.3:a:extremepacs:extreme_xds:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Extremepacs
Extremepacs extreme Xds |
MITRE
Status: PUBLISHED
Assigner: TR-CERT
Published: 2024-07-08T13:46:12.791Z
Updated: 2025-10-14T12:45:23.164Z
Reserved: 2024-04-30T11:46:14.316Z
Link: CVE-2024-4341
Vulnrichment
Updated: 2024-08-01T20:40:46.494Z
NVD
Status : Modified
Published: 2024-07-08T14:15:03.167
Modified: 2025-10-14T13:15:35.310
Link: CVE-2024-4341
Redhat
No data.