PT-2025-29445 · Avid+1 · System Director Appliance+3
Cert-Bund
+1
·
Published
2025-07-14
·
Updated
2025-07-14
·
CVE-2024-26293
CVSS v4.0
8.7
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions:
Avid NEXIS E-series versions prior to 2025.5.1
Avid NEXIS F-series versions prior to 2025.5.1
Avid NEXIS PRO+ versions prior to 2025.5.1
System Director Appliance (SDA+) versions prior to 2025.5.1
Description:
The Avid Nexis Agent uses a vulnerable gSOAP version. A vulnerability in gSOAP v2.8 allows for an Unauthenticated Path Traversal.
Recommendations:
Update Avid NEXIS E-series to version 2025.5.1 or later.
Update Avid NEXIS F-series to version 2025.5.1 or later.
Update Avid NEXIS PRO+ to version 2025.5.1 or later.
Update System Director Appliance (SDA+) to version 2025.5.1 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Avid Nexis E-Series
Avid Nexis Pro+
System Director Appliance
Gsoap