Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Extreme Platform ONE by Extreme Networks

    CVE-2026-9831 (GCVE-0-2026-9831)

    Vulnerability from nvd – Published: 2026-05-29 21:19 – Updated: 2026-06-01 13:53
    VLAI
    Title
    ExtremeCloud IQ Cross Tenant Data Exposure via Extreme Platform One Authentication Race Condition
    Summary
    A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with an Extreme Platform ONE /IAM-issued API key to receive response data for another tenant. The issue was observed through ExtremeCloud IQ/XIQ API endpoints and validated against both XIQ/XAPI and Extreme Platform ONE /Common Services API paths. XIQ-native tokens and standard OAuth/Bearer JWT authentication were not affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)
    • CWE-488 - Exposure of data element to wrong session
    Assigner
    References
    Impacted products
    Vendor Product Version
    Extreme Networks Extreme Platform ONE Affected: 0 , < 25.10.0-104 (custom)
    Unaffected: 25.10.0-104 (custom)
    Create a notification for this product.
    Date Public
    2026-05-29 21:09
    Credits
    Sebastian Koller of Iteas IT Services GmbH (Austria) for responsible discovery and disclosure of this vulnerability. Sebastian Koller of Iteas IT Services GmbH (Austria) for responsible coordination and providing detailed evidence supporting root cause identification.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9831",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:52:52.575235Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:53:05.140Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "SaaS (Cloud Hosted)"
              ],
              "product": "Extreme Platform ONE",
              "vendor": "Extreme Networks",
              "versions": [
                {
                  "lessThan": "25.10.0-104",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "25.10.0-104",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Sebastian Koller of Iteas IT Services GmbH (Austria) for responsible discovery and disclosure of this vulnerability."
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Sebastian Koller of Iteas IT Services GmbH (Austria) for responsible coordination and providing detailed evidence supporting root cause identification."
            }
          ],
          "datePublic": "2026-05-29T21:09:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A race condition in the shared Extreme Platform\nONE IAM Gateway API-key authentication path could, under specific\nhigh-concurrency traffic conditions, intermittently allow requests\nauthenticated with an Extreme Platform ONE /IAM-issued API key to receive\nresponse data for another tenant. The issue was observed through ExtremeCloud\nIQ/XIQ API endpoints and validated against both XIQ/XAPI and Extreme Platform ONE\n/Common Services API paths. XIQ-native tokens and standard OAuth/Bearer JWT\nauthentication were not affected."
                }
              ],
              "value": "A race condition in the shared Extreme Platform\nONE IAM Gateway API-key authentication path could, under specific\nhigh-concurrency traffic conditions, intermittently allow requests\nauthenticated with an Extreme Platform ONE /IAM-issued API key to receive\nresponse data for another tenant. The issue was observed through ExtremeCloud\nIQ/XIQ API endpoints and validated against both XIQ/XAPI and Extreme Platform ONE\n/Common Services API paths. XIQ-native tokens and standard OAuth/Bearer JWT\nauthentication were not affected."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-74",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-74: Manipulating State"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-362",
                  "description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-488",
                  "description": "CWE-488 Exposure of data element to wrong session",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-29T21:19:17.118Z",
            "orgId": "1c053176-eef3-4d6a-ae0b-24728c86587b",
            "shortName": "ExtremeNetworks"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://community.extremenetworks.com/t5/security-advisories-formerly/sa-2026-048-extremecloud-iq-cross-tenant-data-exposure-via/ba-p/121851"
            }
          ],
          "source": {
            "advisory": "SA-2026-048",
            "discovery": "EXTERNAL"
          },
          "title": "ExtremeCloud IQ Cross Tenant Data Exposure via Extreme Platform One Authentication Race Condition",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1c053176-eef3-4d6a-ae0b-24728c86587b",
        "assignerShortName": "ExtremeNetworks",
        "cveId": "CVE-2026-9831",
        "datePublished": "2026-05-29T21:19:17.118Z",
        "dateReserved": "2026-05-28T12:21:45.520Z",
        "dateUpdated": "2026-06-01T13:53:05.140Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-9831 (GCVE-0-2026-9831)

    Vulnerability from cvelistv5 – Published: 2026-05-29 21:19 – Updated: 2026-06-01 13:53
    VLAI
    Title
    ExtremeCloud IQ Cross Tenant Data Exposure via Extreme Platform One Authentication Race Condition
    Summary
    A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with an Extreme Platform ONE /IAM-issued API key to receive response data for another tenant. The issue was observed through ExtremeCloud IQ/XIQ API endpoints and validated against both XIQ/XAPI and Extreme Platform ONE /Common Services API paths. XIQ-native tokens and standard OAuth/Bearer JWT authentication were not affected.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)
    • CWE-488 - Exposure of data element to wrong session
    Assigner
    References
    Impacted products
    Vendor Product Version
    Extreme Networks Extreme Platform ONE Affected: 0 , < 25.10.0-104 (custom)
    Unaffected: 25.10.0-104 (custom)
    Create a notification for this product.
    Date Public
    2026-05-29 21:09
    Credits
    Sebastian Koller of Iteas IT Services GmbH (Austria) for responsible discovery and disclosure of this vulnerability. Sebastian Koller of Iteas IT Services GmbH (Austria) for responsible coordination and providing detailed evidence supporting root cause identification.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-9831",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-01T13:52:52.575235Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-01T13:53:05.140Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "platforms": [
                "SaaS (Cloud Hosted)"
              ],
              "product": "Extreme Platform ONE",
              "vendor": "Extreme Networks",
              "versions": [
                {
                  "lessThan": "25.10.0-104",
                  "status": "affected",
                  "version": "0",
                  "versionType": "custom"
                },
                {
                  "status": "unaffected",
                  "version": "25.10.0-104",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Sebastian Koller of Iteas IT Services GmbH (Austria) for responsible discovery and disclosure of this vulnerability."
            },
            {
              "lang": "en",
              "type": "reporter",
              "value": "Sebastian Koller of Iteas IT Services GmbH (Austria) for responsible coordination and providing detailed evidence supporting root cause identification."
            }
          ],
          "datePublic": "2026-05-29T21:09:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "A race condition in the shared Extreme Platform\nONE IAM Gateway API-key authentication path could, under specific\nhigh-concurrency traffic conditions, intermittently allow requests\nauthenticated with an Extreme Platform ONE /IAM-issued API key to receive\nresponse data for another tenant. The issue was observed through ExtremeCloud\nIQ/XIQ API endpoints and validated against both XIQ/XAPI and Extreme Platform ONE\n/Common Services API paths. XIQ-native tokens and standard OAuth/Bearer JWT\nauthentication were not affected."
                }
              ],
              "value": "A race condition in the shared Extreme Platform\nONE IAM Gateway API-key authentication path could, under specific\nhigh-concurrency traffic conditions, intermittently allow requests\nauthenticated with an Extreme Platform ONE /IAM-issued API key to receive\nresponse data for another tenant. The issue was observed through ExtremeCloud\nIQ/XIQ API endpoints and validated against both XIQ/XAPI and Extreme Platform ONE\n/Common Services API paths. XIQ-native tokens and standard OAuth/Bearer JWT\nauthentication were not affected."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-74",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-74: Manipulating State"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "LOW",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-362",
                  "description": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-488",
                  "description": "CWE-488 Exposure of data element to wrong session",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-29T21:19:17.118Z",
            "orgId": "1c053176-eef3-4d6a-ae0b-24728c86587b",
            "shortName": "ExtremeNetworks"
          },
          "references": [
            {
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://community.extremenetworks.com/t5/security-advisories-formerly/sa-2026-048-extremecloud-iq-cross-tenant-data-exposure-via/ba-p/121851"
            }
          ],
          "source": {
            "advisory": "SA-2026-048",
            "discovery": "EXTERNAL"
          },
          "title": "ExtremeCloud IQ Cross Tenant Data Exposure via Extreme Platform One Authentication Race Condition",
          "x_generator": {
            "engine": "Vulnogram 1.0.2"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1c053176-eef3-4d6a-ae0b-24728c86587b",
        "assignerShortName": "ExtremeNetworks",
        "cveId": "CVE-2026-9831",
        "datePublished": "2026-05-29T21:19:17.118Z",
        "dateReserved": "2026-05-28T12:21:45.520Z",
        "dateUpdated": "2026-06-01T13:53:05.140Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }