CVE-2024-45488

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 30, 2024

Summary

CVE-2024-45488 is a critical vulnerability affecting One Identity Safeguard for Privileged Passwords versions prior to 7.5.2, specifically virtual appliance installations on VMware or Hyper-V platforms. The issue stems from improper handling of cookies, which allows unauthorized access to sensitive information. Organizations running affected versions are urged to upgrade to one of the fixed releases: 7.0.5.1 LTS, 7.4.2, or 7.5.2. The vulnerability has a CVSS 3.1 score of 9.8 and a low attack complexity rating, with potentially high impact on confidentiality and integrity. Without remediation, organizations may face unauthorized access and data breaches through network-based attacks.
