CVE-2024-9313

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Oct 3, 2024

Updated: Oct 4, 2024

Summary

CVE-2024-9313 is a vulnerability affecting the Authd PAM module prior to version 0.3.5, which allows broker-managed users to impersonate other users managed by the same broker and execute any PAM operations, including authentication. The impacted products include zJ-X_3, zKKld8, zKKld9, zJ-X_4, and zJ0ulz. This vulnerability has a high base severity score of 8.8 and poses significant risks to confidentiality, integrity, and availability due to its potential for unauthorized user impersonation. To remediate this issue, organizations should update the Authd PAM module to version 0.3.5 or later. The vulnerability has a low attack complexity but can be exploited over a network without user interaction, increasing its potential danger to organizations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database