CVE-2024-40595 Authentication Bypass Vulnerability (4376565)

Converse agora com nosso suporte

Obtenha ajuda em tempo real
Concluir registro

Entrar

Solicitar preços

Entre em contato com o setor de vendas

Voltar

Feedback enviado

Este artigo resolveu um problema para você?

Selecione a classificação

Título

CVE-2024-40595 Authentication Bypass Vulnerability
Descrição

An authentication bypass vulnerability in the RDP component of One Identity Safeguard for Privileged Sessions allows man-in-the-middle attackers to obtain unencrypted information to access privileged sessions on target resources.

This vulnerability is identified by CVE-2024-40595.
Causa

Connection setup for the RDP protocol includes several message exchanges between the client computer and the SPS appliance. It was discovered during an internal audit that under certain configurations, a sensitive piece of information was transferred from the client to SPS in plain text. A man-in-the-middle attacker can intercept this message and use the information to bypass authentication and get access to the victim’s target resource via a monitored session in SPS.
Resolução
Resolution

Upgrade to a patched version now available for download:

For SPS 7.0.5.1 LTS is available for Download Here

For SPS 7.5.1 is available for Download Here

Impacted Versions
- All LTS before 7.0.5.1
- All feature versions before 7.5.1
Further details and mitigation factors:
- Authentication bypass is only practical when a credential store (e.g. Safeguard for Privileged Passwords) is configured in the connection policy. Otherwise, the attacker must perform a second authentication step at the target resource.
- It is not possible to perform the attack invisibly, because the vulnerable sensitive information can only be used once, and only within a fixed time window. The attacker can not mount an attack without a victim performing the gateway authentication first.
- The attacker might get access to a single session, which is recorded and monitored by SPS.
- The attacker can not set the details of the obtained session. The target server and the account is determined by the victim’s connection and the SPS configuration only.
- The integrity of the SPS appliance is not affected by this vulnerability.
- Other supported protocols than RDP are not affected by this vulnerability.
Solicitação de alteração

339857
Informações adicionais

There is no known exploitation of this issue.

Feedback enviado

Este artigo resolveu um problema para você?

Selecione a classificação

Solicitar um artigo da base de conhecimento

Conteúdo recomendado

Produto(s):: One Identity Safeguard for Privileged Sessions
7.5.1, 7.5, 7.0.5.1 LTS, 7.0.5 LTS, 7.0.4 LTS, 7.0.3.1 LTS, 7.0.3 LTS, 7.0.2.1 LTS, 7.0.2 LTS, 7.0.1.1 LTS, 7.0.1 LTS, 7.0 LTS

Tópico(s):: Technical Solutions

Histórico do artigo:: Criado em: 8/1/2024
Última atualização em: 10/24/2024

Search All Articles

Selecione seu produto:

Para podermos atendê-lo melhor, informe o Propósito de seu chat:

Soluções recomendadas para seu problema

CVE-2024-40595 Authentication Bypass Vulnerability (4376565)

Título

Descrição

Causa

Resolução

Resolution

Impacted Versions

Further details and mitigation factors:

Solicitação de alteração

Informações adicionais

Leave a Comment