CVE-2024-40595 Authentication Bypass Vulnerability (4376565)

Chatee ahora con Soporte

Obtener ayuda en vivo
Completar registro

Iniciar sesión

Solicitar precios

Comuníquese con Ventas

Regresar

Comentarios enviados

¿Este artículo solucionó su problema?

Seleccionar calificación

Título

CVE-2024-40595 Authentication Bypass Vulnerability
Descripción

An authentication bypass vulnerability in the RDP component of One Identity Safeguard for Privileged Sessions allows man-in-the-middle attackers to obtain unencrypted information to access privileged sessions on target resources.

This vulnerability is identified by CVE-2024-40595.
Causa

Connection setup for the RDP protocol includes several message exchanges between the client computer and the SPS appliance. It was discovered during an internal audit that under certain configurations, a sensitive piece of information was transferred from the client to SPS in plain text. A man-in-the-middle attacker can intercept this message and use the information to bypass authentication and get access to the victim’s target resource via a monitored session in SPS.
Resolución
Resolution

Upgrade to a patched version now available for download:

For SPS 7.0.5.1 LTS is available for Download Here

For SPS 7.5.1 is available for Download Here

Impacted Versions
- All LTS before 7.0.5.1
- All feature versions before 7.5.1
Further details and mitigation factors:
- Authentication bypass is only practical when a credential store (e.g. Safeguard for Privileged Passwords) is configured in the connection policy. Otherwise, the attacker must perform a second authentication step at the target resource.
- It is not possible to perform the attack invisibly, because the vulnerable sensitive information can only be used once, and only within a fixed time window. The attacker can not mount an attack without a victim performing the gateway authentication first.
- The attacker might get access to a single session, which is recorded and monitored by SPS.
- The attacker can not set the details of the obtained session. The target server and the account is determined by the victim’s connection and the SPS configuration only.
- The integrity of the SPS appliance is not affected by this vulnerability.
- Other supported protocols than RDP are not affected by this vulnerability.
There is no known exploitation of this issue.
Solicitud de cambio

339857
Información adicional

Certain functions that previously worked but were not explicitly stated as supported may stop working as a result of this patch. If possible functionality will be investigated to be explicitly supported in a future version in a secure manner. I.E. - https://support.oneidentity.com/one-identity-safeguard-for-privileged-sessions/kb/4378449

Comentarios enviados

¿Este artículo solucionó su problema?

Seleccionar calificación

Solicitar un artículo KB

Contenido recomendado

Producto(s):: One Identity Safeguard for Privileged Sessions
7.0.5.1 LTS, 7.0.5 LTS, 7.0.4 LTS, 7.0.3.1 LTS, 7.0.3 LTS, 7.0.2.1 LTS, 7.0.2 LTS, 7.0.1.1 LTS, 7.0.1 LTS, 7.0 LTS

Tema(s):: Technical Solutions

Historial del artículo:: Creado el: 8/1/2024
Última actualización: 2/18/2025

Buscar todos los artículos

Seleccione su producto:

Con el fin de ofrecerle un mejor servicio, complete el campo Motivo del chat:

Soluciones recomendadas para su problema

CVE-2024-40595 Authentication Bypass Vulnerability (4376565)

Título

Descripción

Causa

Resolución

Resolution

Impacted Versions

Further details and mitigation factors:

Solicitud de cambio

Información adicional

Leave a Comment