CVE-2024-36456

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.
CVSS

No CVSS.

Configurations

No configuration.

History

21 Nov 2024, 09:22

Type Values Removed Values Added
References () https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678 - () https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678 -

01 Aug 2024, 13:52

Type Values Removed Values Added
CWE CWE-94

16 Jul 2024, 13:43

Type Values Removed Values Added
Summary
  • (es) Esta vulnerabilidad permite a un atacante no autenticado lograr la ejecución remota de comandos en el sistema PAM afectado cargando un archivo de actualización de PAM especialmente manipulado.

15 Jul 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-15 14:15

Updated : 2024-11-21 09:22


NVD link : CVE-2024-36456

Mitre link : CVE-2024-36456

CVE.ORG link : CVE-2024-36456


JSON object : View

Products Affected

No product.

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')