Security News > 2024 > September > Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)
2024-09-19 12:30
Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow attackers to gain full administrative access to the virtual appliance. “Once an attacker has gained an authenticated administrative session on the appliance, they can carry out any action that a legitimate administrator user would be capable of. This includes the ability to reconfigure settings on the appliance, or modify policies to allow … More → The post Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/09/19/cve-2024-45488/
Related news
- Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)
- Progress urges admins to patch critical WhatsUp Gold bugs ASAP (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824) (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits (source)
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-30 | CVE-2024-45488 | One Identity Safeguard for Privileged Passwords before 7.5.2 allows unauthorized access because of an issue related to cookies. | 0.0 |