Extreme Networks · Extreme Networks Exos · CVE-2020-18305
**Name of the Vulnerable Software and Affected Versions**
Extreme Networks EXOS versions prior to 22.7
Extreme Networks EXOS versions prior to 30.2
**Description**
The issue is related to the Web GUI of Extreme Networks EXOS, which fails to restrict URL access. This allows attackers to access sensitive information or escalate privileges.
**Recommendations**
For Extreme Networks EXOS versions prior to 22.7, update to version 22.7 or later to resolve the issue.
For Extreme Networks EXOS versions prior to 30.2, update to version 30.2 or later to resolve the issue.