CVE Catalog

CVE-2026-35062

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.25%

16th percentile - higher than 16% of all known CVEs

Summary

An authenticated iControl SOAP user may be able to obtain information of other accounts. The vulnerability affects software versions that have not reached End of Technical Support.

Risk Assessment

The risk involves potential leakage of credentials or account information of other users, which could lead to privilege escalation or confidentiality breach.

Recommendation

It is recommended to immediately update the software to the latest available version and restrict access to the iControl SOAP interface to trusted users only.

Original NVD description (English source)

An authenticated iControl SOAP user may be able to obtain information of other accounts.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS