Security News > 2024 > September > Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)
2024-09-19 12:30
Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow attackers to gain full administrative access to the virtual appliance. “Once an attacker has gained an authenticated administrative session on the appliance, they can carry out any action that a legitimate administrator user would be capable of. This includes the ability to reconfigure settings on the appliance, or modify policies to allow … More → The post Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/09/19/cve-2024-45488/
Related news
- SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) (source)
- Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management (source)
- Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution (source)
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
- PAN-OS authentication bypass hole plugged, PoC is public (CVE-2025-0108) (source)
- Juniper patches critical auth bypass in Session Smart routers (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-30 | CVE-2024-45488 | One Identity Safeguard for Privileged Passwords before 7.5.2 allows unauthorized access because of an issue related to cookies. | 0.0 |