CVE-2024-40595 Authentication Bypass Vulnerability (4376565)

Chatta subito con l'assistenza

Ottieni assistenza in tempo reale
Completa la registrazione

Accedi

Richiedi prezzo

Contatta il supporto vendite

Restituisci

Feedback inviato

Questo articolo ti è servito per risolvere il problema?

Seleziona valutazione

Titolo

CVE-2024-40595 Authentication Bypass Vulnerability
Descrizione

An authentication bypass vulnerability in the RDP component of One Identity Safeguard for Privileged Sessions allows man-in-the-middle attackers to obtain unencrypted information to access privileged sessions on target resources.

This vulnerability is identified by CVE-2024-40595.
Causa

Connection setup for the RDP protocol includes several message exchanges between the client computer and the SPS appliance. It was discovered during an internal audit that under certain configurations, a sensitive piece of information was transferred from the client to SPS in plain text. A man-in-the-middle attacker can intercept this message and use the information to bypass authentication and get access to the victim’s target resource via a monitored session in SPS.
Risoluzione
Resolution

Upgrade to a patched version now available for download:

For SPS 7.0.5.1 LTS is available for Download Here

For SPS 7.5.1 is available for Download Here

Impacted Versions
- All LTS before 7.0.5.1
- All feature versions before 7.5.1
Further details and mitigation factors:
- Authentication bypass is only practical when a credential store (e.g. Safeguard for Privileged Passwords) is configured in the connection policy. Otherwise, the attacker must perform a second authentication step at the target resource.
- It is not possible to perform the attack invisibly, because the vulnerable sensitive information can only be used once, and only within a fixed time window. The attacker can not mount an attack without a victim performing the gateway authentication first.
- The attacker might get access to a single session, which is recorded and monitored by SPS.
- The attacker can not set the details of the obtained session. The target server and the account is determined by the victim’s connection and the SPS configuration only.
- The integrity of the SPS appliance is not affected by this vulnerability.
- Other supported protocols than RDP are not affected by this vulnerability.
There is no known exploitation of this issue.
Richiesta di modifica

339857
Informazioni aggiuntive

Certain functions that previously worked but were not explicitly stated as supported may stop working as a result of this patch. If possible functionality will be investigated to be explicitly supported in a future version in a secure manner. I.E. - https://support.oneidentity.com/one-identity-safeguard-for-privileged-sessions/kb/4378449

Feedback inviato

Questo articolo ti è servito per risolvere il problema?

Seleziona valutazione

Request a KB Article

Contenuti consigliati

Prodotto/i:: One Identity Safeguard for Privileged Sessions
7.5.1, 7.5, 7.0.5.1 LTS, 7.0.5 LTS, 7.0.4 LTS, 7.0.3.1 LTS, 7.0.3 LTS, 7.0.2.1 LTS, 7.0.2 LTS, 7.0.1.1 LTS, 7.0.1 LTS, 7.0 LTS

Argomento/i:: Technical Solutions

Cronologia articoli:: Data di creazione: 8/1/2024
Ultimo aggiornamento: 2/18/2025

Cerca in tutti gli articoli

Seleziona il prodotto:

Per una maggiore efficacia, compilare l'Obiettivo della chat:

Soluzioni consigliate per il problema

CVE-2024-40595 Authentication Bypass Vulnerability (4376565)

Titolo

Descrizione

Causa

Risoluzione

Resolution

Impacted Versions

Further details and mitigation factors:

Richiesta di modifica

Informazioni aggiuntive

Leave a Comment