CVE-2026-42063
MediumCVSS 4.9Exploitation Probability (EPSS)
Low risk20th percentile - higher than 20% of all known CVEs
Summary
A vulnerability exists in iControl SOAP that allows an authenticated attacker with the Resource Administrator or Administrator role to download sensitive files.
Risk Assessment
An attacker could gain access to confidential information, potentially leading to serious security breaches within the organization.
Recommendation
It is recommended to restrict access to the Resource Administrator and Administrator roles and to update the software to versions that have not reached End of Technical Support.
Original NVD description (English source)
A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource Administrator or Administrator role can download sensitive files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

