CVE-2024-38292
In Extreme Networks XIQ-SE before 24.2.11, due to a missing access control check, a path traversal is possible, which may lead to privilege escalation.
CVE-2024-38291
In XIQ-SE before 24.2.11, a low-privileged user may be able to access admin passwords, which could lead to privilege escalation.
CVE-2024-38290
In XIQ-SE before 24.2.11, a server misconfiguration may allow user enumeration when specific conditions are met.