The following issues were resolved in ExtremeXOS 32.5.1-Patch1-6. Version 32.5.1-Patch1-6 includes all fixes up to and including the following versions: 11.6.5.3 and earlier, 12.0.5, 12.1.7, 12.2.2-patch1-12, 12.3.6, 12.4.5, 12.5.5, 12.6.3, 12.6.5, 12.7.1, 15.1.5, 15.2.4, 15.3.3, 15.4.1, 15.5.1, 15.5.2, 15.6.1, 15.6.2, 15.7.1, 16.1, 16.1.2, 16.1.3, 21.1, 22.1, 22.2, 22.3, 22.4, 22.5, 22.6, 30.1, 30.2, 30.3, 30.4, 30.5, 30.6, 30.7, 31.1, 31.2, 31.3, 31.4, 31.5, 31.6, 31.7, 32.1, 32.2, 32.3, 32.4, and 32.5. For information about those fixes, see the release notes for the specific release.
| Defect Number | Description |
|---|---|
| General | |
| EXOS-34454 | Restrict access to ExtremeXOS or Switch Engine internal services. |
| EXOS-34455 | Validate user input before processing JSONRPC request. |
| EXOS-34456 | Prevent directory listing/access using HTTP/HTTPS service. |
| EXOS-34497 | Set SameSite attribute appropriately for cookies set by HTTP/HTTPS service. |