Описание
BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions.
Уязвимые конфигурации
Конфигурация 1Версия до 25.1 (исключая)
cpe:2.3:a:beyondtrust:privileged_remote_access:*:*:*:*:*:*:*:*
EPSS
Процентиль: 8%
0.00029
Низкий
7.8 High
CVSS3
Дефекты
CWE-287
Связанные уязвимости
CVSS3: 7.8
github
9 месяцев назад
BeyondTrust Privileged Remote Access (PRA) versions prior to 25.1 are vulnerable to a local authentication bypass. A local authenticated attacker can view the connection details of a ShellJump session that was initiated with external tools, allowing unauthorized access to connected sessions.
EPSS
Процентиль: 8%
0.00029
Низкий
7.8 High
CVSS3
Дефекты
CWE-287