CVE-2025-24502

Medium CVSS: 5.3

An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.

Vendor

Product

CWE

CWE-384

Yayın Tarihi

2025-01-30 19:15:14

Güncelleme

2025-02-05 05:15:11

Source Identifier

secure@symantec.com

KEV Date Added

Kategoriler

CWE-384 MEDIUM 2025

Referanslar

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362