CVE-2024-38292

In Extreme Networks XIQ-SE before 24.2.11, due to a missing access control check, a path traversal is possible, which may lead to privilege escalation...

CVE-2024-38290

In XIQ-SE before 24.2.11, a server misconfiguration may allow user enumeration when specific conditions are met...

CVE-2024-38290

In XIQ-SE before 24.2.11, a server misconfiguration may allow user enumeration when specific conditions are met...

CVE-2024-38291

In XIQ-SE before 24.2.11, a low-privileged user may be able to access admin passwords, which could lead to privilege escalation...

Extreme Networks Extreme ExtremeCloud IQ Site Engine 安全漏洞

Extreme Networks ExtremeCloud IQ Site Engine Extreme Networks XIQ-SE is a site engine from Extreme Networks, Inc. provides end-to-end management of wired and wireless devices from the edge to the data center and across multi-vendor environments. A security vulnerability exists in Extreme Networks...

PT-2025-9026 · Xiq-Se · Xiq-Se

Name of the Vulnerable Software and Affected Versions: XIQ-SE versions prior to 24.2.11 Description: A server misconfiguration in XIQ-SE may allow user enumeration under specific conditions. Recommendations: For versions prior to 24.2.11, update to version 24.2.11 or later to resolve the issue...

Extreme Networks Extreme ExtremeCloud IQ Site Engine 路径遍历漏洞

Extreme Networks ExtremeCloud IQ Site Engine Extreme Networks XIQ-SE is a site engine from Extreme Networks, Inc. providing end-to-end management of wired and wireless devices from the edge to the data center and across multi-vendor environments. A path traversal vulnerability exists in Extreme...