exploitDog

CVE-2024-40595

Опубликовано: 24 окт. 2024

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

An authentication-bypass issue in the RDP component of One Identity Safeguard for Privileged Sessions (SPS) On Premise before 7.5.1 (and LTS before 7.0.5.1) allows man-in-the-middle attackers to obtain access to privileged sessions on target resources by intercepting cleartext RDP protocol information.

Ссылки

https://support.oneidentity.com/kb/4376565/cve-2024-40595-authentication-bypass-vulnerability

EPSS

Процентиль: 1%

0.00008

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-319

Связанные уязвимости

GHSA-qm7g-8chp-cj2j

CVSS3: 5.3

github

больше 1 года назад

An authentication-bypass issue in the RDP component of One Identity Safeguard for Privileged Sessions (SPS) On Premise before 7.5.1 (and LTS before 7.0.5.1) allows man-in-the-middle attackers to obtain access to privileged sessions on target resources by intercepting cleartext RDP protocol information.

EPSS

Процентиль: 1%

0.00008

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-319