CVE-2024-4332 - Vulnerability Details - OpenCVE

An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional "Auto-synchronize LDAP Users, Roles, and Groups" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact Low

Subsequent System Integrity Impact Low

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00282.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Fortra	Tripwire Enterprise

No data.

No data.

No data.

References

Link	Providers
https://www.fortra.com/security/advisory/fi-2024-006

History

Fri, 29 Aug 2025 21:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fortra Fortra tripwire Enterprise
CPEs		cpe:2.3:a:fortra:tripwire_enterprise:9.1.0:::::::*
Vendors & Products		Fortra Fortra tripwire Enterprise
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 29 Aug 2025 20:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-306

Sat, 12 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00765}`	epss `{'score': 0.00416}`

MITRE

Status: PUBLISHED

Assigner: Fortra

Published: 2024-06-03T17:38:54.516Z

Updated: 2025-08-29T20:20:21.394Z

Reserved: 2024-04-29T22:31:16.171Z

Link: CVE-2024-4332

Vulnrichment

Updated: 2024-08-01T20:40:47.145Z

NVD

Status : Awaiting Analysis

Published: 2024-06-03T18:15:09.060

Modified: 2025-08-29T21:15:34.930

Link: CVE-2024-4332

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4332", "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "state": "PUBLISHED", "assignerShortName": "Fortra", "dateReserved": "2024-04-29T22:31:16.171Z", "datePublished": "2024-06-03T17:38:54.516Z", "dateUpdated": "2025-08-29T20:20:21.394Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["API authentication", "REST API", "SOAP API"], "product": "Tripwire Enterprise", "vendor": "Fortra", "versions": [{"status": "affected", "version": "9.1.0"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional \"Auto-synchronize LDAP Users, Roles, and Groups\" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification.\n\n \n\n<br><br><p><br></p>"}], "value": "An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional \"Auto-synchronize LDAP Users, Roles, and Groups\" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification."}], "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"cvssV4_0": {"Automatable": "YES", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "RED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/S:N/AU:Y/R:U/V:C/RE:L/U:Red", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "LOW"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-303", "description": "CWE-303 Incorrect Implementation of Authentication Algorithm", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "shortName": "Fortra", "dateUpdated": "2025-08-29T20:20:21.394Z"}, "references": [{"url": "https://www.fortra.com/security/advisory/fi-2024-006"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Upgrade to Tripwire Enterprise 9.1.1 or higher to remediate the vulnerability."}], "value": "Upgrade to Tripwire Enterprise 9.1.1 or higher to remediate the vulnerability."}], "source": {"discovery": "UNKNOWN"}, "title": "Improper Authentication in Tripwire Enterprise 9.1.0 APIs", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "To mitigate this issue in TE 9.1.0, disable the \"Auto-synchronize LDAP Users, Roles, and Groups\" feature when using LDAP/Active Directory SAML authentication. Be aware that doing so will disable API functionality. To continue using the APIs, configure an alternate login method or upgrade to TE 9.1.1 or higher."}], "value": "To mitigate this issue in TE 9.1.0, disable the \"Auto-synchronize LDAP Users, Roles, and Groups\" feature when using LDAP/Active Directory SAML authentication. Be aware that doing so will disable API functionality. To continue using the APIs, configure an alternate login method or upgrade to TE 9.1.1 or higher."}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"affected": [{"vendor": "fortra", "product": "tripwire_enterprise", "cpes": ["cpe:2.3:a:fortra:tripwire_enterprise:9.1.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "9.1.0", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-07T03:56:07.398810Z", "id": "CVE-2024-4332", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-07T10:00:29.769Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:40:47.145Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.fortra.com/security/advisory/fi-2024-006", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.fortra.com/security/advisory/fi-2024-006", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T20:40:47.145Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4332", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-06-07T03:56:07.398810Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:fortra:tripwire_enterprise:9.1.0:*:*:*:*:*:*:*"], "vendor": "fortra", "product": "tripwire_enterprise", "versions": [{"status": "affected", "version": "9.1.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-07T10:00:25.463Z"}}], "cna": {"title": "Improper Authentication in Tripwire Enterprise 9.1.0 APIs", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-115", "descriptions": [{"lang": "en", "value": "CAPEC-115 Authentication Bypass"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NEGLIGIBLE", "version": "4.0", "Recovery": "USER", "baseScore": 9.3, "Automatable": "YES", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/S:N/AU:Y/R:U/V:C/RE:L/U:Red", "providerUrgency": "RED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Fortra", "modules": ["API authentication", "REST API", "SOAP API"], "product": "Tripwire Enterprise", "versions": [{"status": "affected", "version": "9.1.0"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to Tripwire Enterprise 9.1.1 or higher to remediate the vulnerability.", "supportingMedia": [{"type": "text/html", "value": "Upgrade to Tripwire Enterprise 9.1.1 or higher to remediate the vulnerability.", "base64": false}]}], "references": [{"url": "https://www.fortra.com/security/advisory/fi-2024-006"}], "workarounds": [{"lang": "en", "value": "To mitigate this issue in TE 9.1.0, disable the \"Auto-synchronize LDAP Users, Roles, and Groups\" feature when using LDAP/Active Directory SAML authentication. Be aware that doing so will disable API functionality. To continue using the APIs, configure an alternate login method or upgrade to TE 9.1.1 or higher.", "supportingMedia": [{"type": "text/html", "value": "To mitigate this issue in TE 9.1.0, disable the \"Auto-synchronize LDAP Users, Roles, and Groups\" feature when using LDAP/Active Directory SAML authentication. Be aware that doing so will disable API functionality. To continue using the APIs, configure an alternate login method or upgrade to TE 9.1.1 or higher.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional \"Auto-synchronize LDAP Users, Roles, and Groups\" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification.", "supportingMedia": [{"type": "text/html", "value": "An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional \"Auto-synchronize LDAP Users, Roles, and Groups\" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification.\n\n \n\n<br><br><p><br></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-303", "description": "CWE-303 Incorrect Implementation of Authentication Algorithm"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-306", "description": "CWE-306 Missing Authentication for Critical Function"}]}], "providerMetadata": {"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "shortName": "Fortra", "dateUpdated": "2025-08-29T20:20:21.394Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4332", "state": "PUBLISHED", "dateUpdated": "2025-08-29T20:20:21.394Z", "dateReserved": "2024-04-29T22:31:16.171Z", "assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "datePublished": "2024-06-03T17:38:54.516Z", "assignerShortName": "Fortra"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An authentication bypass vulnerability has been identified in the REST and SOAP API components of Tripwire Enterprise (TE) 9.1.0 when TE is configured to use LDAP/Active Directory SAML authentication and its optional \"Auto-synchronize LDAP Users, Roles, and Groups\" feature is enabled. This vulnerability allows unauthenticated attackers to bypass authentication if a valid username is known. Exploitation of this vulnerability could allow remote attackers to gain privileged access to the APIs and lead to unauthorized information disclosure or modification."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n en los componentes API REST y SOAP de Tripwire Enterprise (TE) 9.1.0 cuando TE est\u00e1 configurado para usar autenticaci\u00f3n SAML LDAP/Active Directory y su opci\u00f3n \"Sincronizar autom\u00e1ticamente usuarios, roles y grupos LDAP\" La funci\u00f3n est\u00e1 habilitada. Esta vulnerabilidad permite a atacantes no autenticados eludir la autenticaci\u00f3n si conocen un nombre de usuario v\u00e1lido. La explotaci\u00f3n de esta vulnerabilidad podr\u00eda permitir a atacantes remotos obtener acceso privilegiado a las API y provocar la divulgaci\u00f3n o modificaci\u00f3n no autorizada de informaci\u00f3n."}], "id": "CVE-2024-4332", "lastModified": "2025-08-29T21:15:34.930", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "YES", "Recovery": "USER", "Safety": "NEGLIGIBLE", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 9.3, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "RED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:C/RE:L/U:Red", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "LOW"}, "source": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "type": "Secondary"}]}, "published": "2024-06-03T18:15:09.060", "references": [{"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "url": "https://www.fortra.com/security/advisory/fi-2024-006"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.fortra.com/security/advisory/fi-2024-006"}], "sourceIdentifier": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-303"}, {"lang": "en", "value": "CWE-306"}], "source": "df4dee71-de3a-4139-9588-11b62fe6c0ff", "type": "Secondary"}]}