CVE-2024-7872

HIGH 7.6

Sensetive Data Exposure in ExtremePACS' Extreme XDS

CVSS Score

7.6

EPSS Score

0.1%

EPSS Percentile

19th

Insertion of Sensitive Information Into Sent Data vulnerability in ExtremePACS Extreme XDS allows Retrieve Embedded Sensitive Data. This issue affects Extreme XDS: before 3933.

CWE	CWE-201
Vendor	extremepacs
Product	extreme xds
Published	Mar 6, 2025
Last Updated	Jun 2, 2026

Stay Ahead of the Next One

Get instant alerts for extremepacs extreme xds

Be the first to know when new high vulnerabilities affecting extremepacs extreme xds are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

Attack Vector

Adjacent

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

Low

Availability

Low

Affected Versions

ExtremePACS / Extreme XDS

0 < 3933

References

NVD ↗ CVE.org ↗ EPSS Data ↗

usom.gov.tr: https://www.usom.gov.tr/bildirim/tr-25-0057 siberguvenlik.gov.tr: https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0057

Credits

Mustafa Anil YILDIRIM