CVE-2024-55570

Name of the Vulnerable Software and Affected Versions Cubro EXA48200 network packet broker versions prior to V5.0R14.5P4-V3.3R1

Description The issue concerns incorrect access control in the Cubro EXA48200 network packet broker. It allows remote authenticated users to increase their privileges by sending a single HTTP PUT request to the "/api/user/users" endpoint in the web GUI with the rolename set to Administrator.

Recommendations For versions prior to V5.0R14.5P4-V3.3R1, update to V5.0R14.5P4-V3.3R1 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/api/user/users" endpoint to prevent unauthorized privilege escalation.