CVE-2025-24502
CVE-2025-24502
An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Productos afectados
Broadcom · Symantec Privileged Access Management¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →