CVE-2025-24502

Vulnerability Description

An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.

Related Weaknesses (CWE)

CWE-384

References

https://support.broadcom.com/web/ecx/support-content-notification/-/external/con

FAQ

What is CVE-2025-24502?

CVE-2025-24502 is a documented vulnerability. An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.

How severe is CVE-2025-24502?

CVSS scoring is not yet available for CVE-2025-24502. Check NVD for updates.

Is there a patch for CVE-2025-24502?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.