An authentication-bypass issue in the RDP component of One Identity Safeguard for Privileged Sessions (SPS) On Premise before 7.5.1 (and LTS before 7.0.5.1) allows man-in-the-middle attackers to obtain access to privileged sessions on target resources by intercepting cleartext RDP protocol information.
Metrics
Affected Vendors & Products
References
History
Thu, 24 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Oneidentity
Oneidentity safeguard For Privileged Sessions |
|
Weaknesses | CWE-319 | |
CPEs | cpe:2.3:a:oneidentity:safeguard_for_privileged_sessions:*:*:*:*:*:*:*:* | |
Vendors & Products |
Oneidentity
Oneidentity safeguard For Privileged Sessions |
|
Metrics |
cvssV3_1
|
Thu, 24 Oct 2024 05:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An authentication-bypass issue in the RDP component of One Identity Safeguard for Privileged Sessions (SPS) On Premise before 7.5.1 (and LTS before 7.0.5.1) allows man-in-the-middle attackers to obtain access to privileged sessions on target resources by intercepting cleartext RDP protocol information. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-10-24T00:00:00
Updated: 2024-10-24T14:14:18.812Z
Reserved: 2024-07-06T00:00:00
Link: CVE-2024-40595
Vulnrichment
Updated: 2024-10-24T14:14:10.225Z
NVD
Status : Awaiting Analysis
Published: 2024-10-24T06:15:11.703
Modified: 2024-10-25T12:56:07.750
Link: CVE-2024-40595
Redhat
No data.