CVE-2024-40595

An authentication-bypass issue in the RDP component of One Identity Safeguard for Privileged Sessions (SPS) On Premise before 7.5.1 (and LTS before 7.0.5.1) allows man-in-the-middle attackers to obtain access to privileged sessions on target resources by intercepting cleartext RDP protocol information.
Configurations

No configuration.

History

24 Oct 2024, 15:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.3
CWE CWE-319
Summary
  • (es) Un problema de omisión de autenticación en el componente RDP de One Identity Safeguard for Privileged Sessions (SPS) On Premise anterior a 7.5.1 (y LTS anterior a 7.0.5.1) permite a atacantes intermediarios obtener acceso a sesiones privilegiadas en recursos de destino interceptando información de protocolo RDP en texto plano.

24 Oct 2024, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-24 06:15

Updated : 2024-10-25 12:56


NVD link : CVE-2024-40595

Mitre link : CVE-2024-40595

CVE.ORG link : CVE-2024-40595


JSON object : View

Products Affected

No product.

CWE
CWE-319

Cleartext Transmission of Sensitive Information