Search criteria
36 vulnerabilities found for Symantec Privileged Access Management by Broadcom
CVE-2025-24507 (GCVE-0-2025-24507)
Vulnerability from cvelistv5 – Published: 2025-01-30 18:41 – Updated: 2025-02-05 05:37
VLAI?
Summary
This vulnerability allows appliance compromise at boot time.
Severity ?
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24507",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:17:11.902260Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:20:56.173Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows appliance compromise at boot time.\u003c/span\u003e"
}
],
"value": "This vulnerability allows appliance compromise at boot time."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T05:37:57.252Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24507",
"datePublished": "2025-01-30T18:41:50.906Z",
"dateReserved": "2025-01-22T08:29:34.305Z",
"dateUpdated": "2025-02-05T05:37:57.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24506 (GCVE-0-2025-24506)
Vulnerability from cvelistv5 – Published: 2025-01-30 18:39 – Updated: 2025-02-05 05:36
VLAI?
Summary
A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types.
Severity ?
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24506",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:17:39.353436Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:19:19.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA specific authentication strategy allows to learn ids of PAM users associated with certain authentication types.\u003c/span\u003e"
}
],
"value": "A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Harvesting"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T05:36:34.940Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24506",
"datePublished": "2025-01-30T18:39:19.670Z",
"dateReserved": "2025-01-22T08:29:34.305Z",
"dateUpdated": "2025-02-05T05:36:34.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24505 (GCVE-0-2025-24505)
Vulnerability from cvelistv5 – Published: 2025-01-30 18:36 – Updated: 2025-02-05 05:36
VLAI?
Summary
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.
Severity ?
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24505",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:18:01.463871Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:18:34.247Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.\u003c/span\u003e"
}
],
"value": "This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file."
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T05:36:07.471Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24505",
"datePublished": "2025-01-30T18:36:09.450Z",
"dateReserved": "2025-01-22T08:29:34.305Z",
"dateUpdated": "2025-02-05T05:36:07.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24504 (GCVE-0-2025-24504)
Vulnerability from cvelistv5 – Published: 2025-01-30 18:31 – Updated: 2025-02-05 04:52
VLAI?
Summary
An improper input validation the CSRF filter results in unsanitized user input written to the application logs.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24504",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:21:14.984031Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:21:22.120Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper input validation the CSRF filter results in unsanitized user input written to the application logs.\u003c/span\u003e"
}
],
"value": "An improper input validation the CSRF filter results in unsanitized user input written to the application logs."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T04:52:30.495Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24504",
"datePublished": "2025-01-30T18:31:41.795Z",
"dateReserved": "2025-01-22T08:29:34.305Z",
"dateUpdated": "2025-02-05T04:52:30.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24503 (GCVE-0-2025-24503)
Vulnerability from cvelistv5 – Published: 2025-01-30 18:27 – Updated: 2025-02-05 04:51
VLAI?
Summary
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server.
Severity ?
CWE
- CWE-384 - Session Fixation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24503",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:21:41.750449Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:22:07.337Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003eA malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T04:51:10.380Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24503",
"datePublished": "2025-01-30T18:27:08.641Z",
"dateReserved": "2025-01-22T08:29:34.305Z",
"dateUpdated": "2025-02-05T04:51:10.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24502 (GCVE-0-2025-24502)
Vulnerability from cvelistv5 – Published: 2025-01-30 18:24 – Updated: 2025-02-05 04:50
VLAI?
Summary
An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.
Severity ?
CWE
- CWE-384 - Session Fixation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:22:34.004253Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:22:57.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.\u003c/span\u003e"
}
],
"value": "An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T04:50:21.091Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24502",
"datePublished": "2025-01-30T18:24:32.902Z",
"dateReserved": "2025-01-22T08:29:34.304Z",
"dateUpdated": "2025-02-05T04:50:21.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24501 (GCVE-0-2025-24501)
Vulnerability from cvelistv5 – Published: 2025-01-30 18:21 – Updated: 2025-02-12 20:41
VLAI?
Summary
An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24501",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T18:49:21.691738Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:36.667Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.\u003c/span\u003e"
}
],
"value": "An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T04:48:43.903Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24501",
"datePublished": "2025-01-30T18:21:37.817Z",
"dateReserved": "2025-01-22T08:29:34.304Z",
"dateUpdated": "2025-02-12T20:41:36.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24500 (GCVE-0-2025-24500)
Vulnerability from cvelistv5 – Published: 2025-01-30 18:15 – Updated: 2025-03-13 13:11
VLAI?
Summary
The vulnerability allows an unauthenticated attacker to access information in PAM database.
Severity ?
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:34:04.538750Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T13:11:59.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows an unauthenticated attacker to access information in PAM database.\u003c/span\u003e"
}
],
"value": "The vulnerability allows an unauthenticated attacker to access information in PAM database."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T04:48:15.533Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24500",
"datePublished": "2025-01-30T18:15:12.337Z",
"dateReserved": "2025-01-22T08:29:34.304Z",
"dateUpdated": "2025-03-13T13:11:59.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38496 (GCVE-0-2024-38496)
Vulnerability from cvelistv5 – Published: 2024-07-15 14:16 – Updated: 2024-12-03 18:52
VLAI?
Title
Symantec Privileged Access Manager Insecure Direct Object Reference vulnerability
Summary
The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships.
Severity ?
CWE
- CWE-922 - Insecure Storage of Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38496",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T14:45:36.244815Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922 Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T18:52:06.312Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships.\u003c/span\u003e\n\n"
}
],
"value": "The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T14:17:34.701Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager Insecure Direct Object Reference vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38496",
"datePublished": "2024-07-15T14:16:57.213Z",
"dateReserved": "2024-06-18T06:18:01.976Z",
"dateUpdated": "2024-12-03T18:52:06.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38495 (GCVE-0-2024-38495)
Vulnerability from cvelistv5 – Published: 2024-07-15 14:13 – Updated: 2024-11-04 19:03
VLAI?
Title
Symantec Privileged Access Manager User Enumeration vulnerability
Summary
A specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database.
Severity ?
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38495",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T16:02:44.357644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T19:03:14.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database.\u003c/span\u003e\n\n"
}
],
"value": "A specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Harvesting"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T14:13:12.364Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager User Enumeration vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38495",
"datePublished": "2024-07-15T14:13:12.364Z",
"dateReserved": "2024-06-18T06:18:01.976Z",
"dateUpdated": "2024-11-04T19:03:14.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38494 (GCVE-0-2024-38494)
Vulnerability from cvelistv5 – Published: 2024-07-15 14:03 – Updated: 2024-08-02 04:12
VLAI?
Title
Symantec Privileged Access Manager Remote Command Execution vulnerability
Summary
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.
Severity ?
CWE
- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "symantec_privileged_access_management",
"vendor": "broadcom",
"versions": [
{
"lessThanOrEqual": "4.1.7",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38494",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T20:06:23.210982Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T14:42:36.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.726Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.\u003c/span\u003e\n\n"
}
],
"value": "This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T14:03:53.924Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38494",
"datePublished": "2024-07-15T14:03:53.924Z",
"dateReserved": "2024-06-18T06:18:01.976Z",
"dateUpdated": "2024-08-02T04:12:24.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38493 (GCVE-0-2024-38493)
Vulnerability from cvelistv5 – Published: 2024-07-15 14:00 – Updated: 2024-10-27 23:14
VLAI?
Title
Symantec Privileged Access Manager Reflected Cross Site Scripting vulnerability
Summary
A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38493",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T14:26:20.346185Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-27T23:14:03.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.\u003c/span\u003e\n\n"
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T14:01:02.575Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager Reflected Cross Site Scripting vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38493",
"datePublished": "2024-07-15T14:00:15.105Z",
"dateReserved": "2024-06-18T06:18:01.976Z",
"dateUpdated": "2024-10-27T23:14:03.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38492 (GCVE-0-2024-38492)
Vulnerability from cvelistv5 – Published: 2024-07-15 13:54 – Updated: 2024-08-02 04:12
VLAI?
Title
Symantec Privileged Access Manager Remote Command Execution vulnerability
Summary
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.
Severity ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "symantec_privileged_access_management",
"vendor": "broadcom",
"versions": [
{
"lessThanOrEqual": "4.1.7",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "symantec_privileged_access_management",
"vendor": "broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T15:07:11.231782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T13:18:28.244Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.\u003c/span\u003e\n\n"
}
],
"value": "This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T13:54:38.819Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38492",
"datePublished": "2024-07-15T13:54:38.819Z",
"dateReserved": "2024-06-18T06:18:01.975Z",
"dateUpdated": "2024-08-02T04:12:24.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38491 (GCVE-0-2024-38491)
Vulnerability from cvelistv5 – Published: 2024-07-15 13:50 – Updated: 2024-11-04 16:36
VLAI?
Title
Symantec Privileged Access Manager SQL Injection vulnerability
Summary
The vulnerability allows an unauthenticated attacker to read arbitrary information from the database.
Severity ?
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T19:27:00.311332Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T16:36:30.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows an unauthenticated attacker to read arbitrary information from the database.\u003c/span\u003e\n\n"
}
],
"value": "The vulnerability allows an unauthenticated attacker to read arbitrary information from the database."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T13:50:52.327Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager SQL Injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38491",
"datePublished": "2024-07-15T13:50:52.327Z",
"dateReserved": "2024-06-18T06:18:01.975Z",
"dateUpdated": "2024-11-04T16:36:30.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36458 (GCVE-0-2024-36458)
Vulnerability from cvelistv5 – Published: 2024-07-15 13:43 – Updated: 2024-11-21 20:55
VLAI?
Title
Symantec Privileged Access Manager Privilege Escalation vulnerability
Summary
The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions.
Severity ?
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36458",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T20:14:24.657266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T20:55:17.095Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:05.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions.\u003c/span\u003e\n\n"
}
],
"value": "The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T13:43:53.687Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-36458",
"datePublished": "2024-07-15T13:43:53.687Z",
"dateReserved": "2024-05-28T10:24:37.078Z",
"dateUpdated": "2024-11-21T20:55:17.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24507 (GCVE-0-2025-24507)
Vulnerability from nvd – Published: 2025-01-30 18:41 – Updated: 2025-02-05 05:37
VLAI?
Summary
This vulnerability allows appliance compromise at boot time.
Severity ?
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24507",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:17:11.902260Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:20:56.173Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows appliance compromise at boot time.\u003c/span\u003e"
}
],
"value": "This vulnerability allows appliance compromise at boot time."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 8.9,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T05:37:57.252Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24507",
"datePublished": "2025-01-30T18:41:50.906Z",
"dateReserved": "2025-01-22T08:29:34.305Z",
"dateUpdated": "2025-02-05T05:37:57.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24506 (GCVE-0-2025-24506)
Vulnerability from nvd – Published: 2025-01-30 18:39 – Updated: 2025-02-05 05:36
VLAI?
Summary
A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types.
Severity ?
CWE
- CWE-203 - Observable Discrepancy
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24506",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:17:39.353436Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-203",
"description": "CWE-203 Observable Discrepancy",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:19:19.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA specific authentication strategy allows to learn ids of PAM users associated with certain authentication types.\u003c/span\u003e"
}
],
"value": "A specific authentication strategy allows to learn ids of PAM users associated with certain authentication types."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Harvesting"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T05:36:34.940Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24506",
"datePublished": "2025-01-30T18:39:19.670Z",
"dateReserved": "2025-01-22T08:29:34.305Z",
"dateUpdated": "2025-02-05T05:36:34.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24505 (GCVE-0-2025-24505)
Vulnerability from nvd – Published: 2025-01-30 18:36 – Updated: 2025-02-05 05:36
VLAI?
Summary
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.
Severity ?
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24505",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:18:01.463871Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:18:34.247Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file.\u003c/span\u003e"
}
],
"value": "This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by uploading a specially crafted upgrade file."
}
],
"impacts": [
{
"capecId": "CAPEC-253",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-253 Remote Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T05:36:07.471Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24505",
"datePublished": "2025-01-30T18:36:09.450Z",
"dateReserved": "2025-01-22T08:29:34.305Z",
"dateUpdated": "2025-02-05T05:36:07.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24504 (GCVE-0-2025-24504)
Vulnerability from nvd – Published: 2025-01-30 18:31 – Updated: 2025-02-05 04:52
VLAI?
Summary
An improper input validation the CSRF filter results in unsanitized user input written to the application logs.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24504",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:21:14.984031Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:21:22.120Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper input validation the CSRF filter results in unsanitized user input written to the application logs.\u003c/span\u003e"
}
],
"value": "An improper input validation the CSRF filter results in unsanitized user input written to the application logs."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T04:52:30.495Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24504",
"datePublished": "2025-01-30T18:31:41.795Z",
"dateReserved": "2025-01-22T08:29:34.305Z",
"dateUpdated": "2025-02-05T04:52:30.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24503 (GCVE-0-2025-24503)
Vulnerability from nvd – Published: 2025-01-30 18:27 – Updated: 2025-02-05 04:51
VLAI?
Summary
A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server.
Severity ?
CWE
- CWE-384 - Session Fixation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24503",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:21:41.750449Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:22:07.337Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003e\u003cbr\u003eA malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e"
}
],
"value": "A malicious actor can fix the session of a PAM user by tricking the user to click on a specially crafted link to the PAM server."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T04:51:10.380Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24503",
"datePublished": "2025-01-30T18:27:08.641Z",
"dateReserved": "2025-01-22T08:29:34.305Z",
"dateUpdated": "2025-02-05T04:51:10.380Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24502 (GCVE-0-2025-24502)
Vulnerability from nvd – Published: 2025-01-30 18:24 – Updated: 2025-02-05 04:50
VLAI?
Summary
An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.
Severity ?
CWE
- CWE-384 - Session Fixation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24502",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:22:34.004253Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-384",
"description": "CWE-384 Session Fixation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T19:22:57.193Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address.\u003c/span\u003e"
}
],
"value": "An improper session validation allows an unauthenticated attacker to cause certain request notifications to be executed in the context of an incorrect user by spoofing the client IP address."
}
],
"impacts": [
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T04:50:21.091Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24502",
"datePublished": "2025-01-30T18:24:32.902Z",
"dateReserved": "2025-01-22T08:29:34.304Z",
"dateUpdated": "2025-02-05T04:50:21.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24501 (GCVE-0-2025-24501)
Vulnerability from nvd – Published: 2025-01-30 18:21 – Updated: 2025-02-12 20:41
VLAI?
Summary
An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.
Severity ?
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24501",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T18:49:21.691738Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:36.667Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request.\u003c/span\u003e"
}
],
"value": "An improper input validation allows an unauthenticated attacker to alter PAM logs by sending a specially crafted HTTP request."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T04:48:43.903Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24501",
"datePublished": "2025-01-30T18:21:37.817Z",
"dateReserved": "2025-01-22T08:29:34.304Z",
"dateUpdated": "2025-02-12T20:41:36.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24500 (GCVE-0-2025-24500)
Vulnerability from nvd – Published: 2025-01-30 18:15 – Updated: 2025-03-13 13:11
VLAI?
Summary
The vulnerability allows an unauthenticated attacker to access information in PAM database.
Severity ?
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
3.4.6
Affected: 4.1.0 , ≤ 4.1.8 (custom) Affected: 4.2.0 |
Credits
Stefan Grönke (gronke@radicallyopensecurity.com)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24500",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T19:34:04.538750Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-13T13:11:59.284Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6"
},
{
"lessThanOrEqual": "4.1.8",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "4.2.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Stefan Gr\u00f6nke (gronke@radicallyopensecurity.com)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows an unauthenticated attacker to access information in PAM database.\u003c/span\u003e"
}
],
"value": "The vulnerability allows an unauthenticated attacker to access information in PAM database."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-05T04:48:15.533Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25362"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2025-24500",
"datePublished": "2025-01-30T18:15:12.337Z",
"dateReserved": "2025-01-22T08:29:34.304Z",
"dateUpdated": "2025-03-13T13:11:59.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38496 (GCVE-0-2024-38496)
Vulnerability from nvd – Published: 2024-07-15 14:16 – Updated: 2024-12-03 18:52
VLAI?
Title
Symantec Privileged Access Manager Insecure Direct Object Reference vulnerability
Summary
The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships.
Severity ?
CWE
- CWE-922 - Insecure Storage of Sensitive Information
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38496",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T14:45:36.244815Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922 Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-03T18:52:06.312Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships.\u003c/span\u003e\n\n"
}
],
"value": "The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships."
}
],
"impacts": [
{
"capecId": "CAPEC-122",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-122 Privilege Abuse"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T14:17:34.701Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager Insecure Direct Object Reference vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38496",
"datePublished": "2024-07-15T14:16:57.213Z",
"dateReserved": "2024-06-18T06:18:01.976Z",
"dateUpdated": "2024-12-03T18:52:06.312Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38495 (GCVE-0-2024-38495)
Vulnerability from nvd – Published: 2024-07-15 14:13 – Updated: 2024-11-04 19:03
VLAI?
Title
Symantec Privileged Access Manager User Enumeration vulnerability
Summary
A specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database.
Severity ?
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38495",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T16:02:44.357644Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T19:03:14.832Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:25.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database.\u003c/span\u003e\n\n"
}
],
"value": "A specific authentication strategy allows a malicious attacker to learn ids of all PAM users defined in its database."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Information Harvesting"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T14:13:12.364Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager User Enumeration vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38495",
"datePublished": "2024-07-15T14:13:12.364Z",
"dateReserved": "2024-06-18T06:18:01.976Z",
"dateUpdated": "2024-11-04T19:03:14.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38494 (GCVE-0-2024-38494)
Vulnerability from nvd – Published: 2024-07-15 14:03 – Updated: 2024-08-02 04:12
VLAI?
Title
Symantec Privileged Access Manager Remote Command Execution vulnerability
Summary
This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.
Severity ?
CWE
- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "symantec_privileged_access_management",
"vendor": "broadcom",
"versions": [
{
"lessThanOrEqual": "4.1.7",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38494",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T20:06:23.210982Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T14:42:36.168Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.726Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.\u003c/span\u003e\n\n"
}
],
"value": "This vulnerability allows a high-privileged authenticated PAM user to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T14:03:53.924Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38494",
"datePublished": "2024-07-15T14:03:53.924Z",
"dateReserved": "2024-06-18T06:18:01.976Z",
"dateUpdated": "2024-08-02T04:12:24.726Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38493 (GCVE-0-2024-38493)
Vulnerability from nvd – Published: 2024-07-15 14:00 – Updated: 2024-10-27 23:14
VLAI?
Title
Symantec Privileged Access Manager Reflected Cross Site Scripting vulnerability
Summary
A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.
Severity ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38493",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T14:26:20.346185Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-27T23:14:03.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.835Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI.\u003c/span\u003e\n\n"
}
],
"value": "A reflected cross-site scripting (XSS) vulnerability exists in the PAM UI web interface. A remote attacker able to convince a PAM user to click on a specially crafted link to the PAM UI web interface could potentially execute arbitrary client-side code in the context of PAM UI."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "ACTIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T14:01:02.575Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager Reflected Cross Site Scripting vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38493",
"datePublished": "2024-07-15T14:00:15.105Z",
"dateReserved": "2024-06-18T06:18:01.976Z",
"dateUpdated": "2024-10-27T23:14:03.057Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38492 (GCVE-0-2024-38492)
Vulnerability from nvd – Published: 2024-07-15 13:54 – Updated: 2024-08-02 04:12
VLAI?
Title
Symantec Privileged Access Manager Remote Command Execution vulnerability
Summary
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.
Severity ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "symantec_privileged_access_management",
"vendor": "broadcom",
"versions": [
{
"lessThanOrEqual": "4.1.7",
"status": "affected",
"version": "4.1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "symantec_privileged_access_management",
"vendor": "broadcom",
"versions": [
{
"status": "affected",
"version": "3.4.6.0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38492",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T15:07:11.231782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T13:18:28.244Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.\u003c/span\u003e\n\n"
}
],
"value": "This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T13:54:38.819Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38492",
"datePublished": "2024-07-15T13:54:38.819Z",
"dateReserved": "2024-06-18T06:18:01.975Z",
"dateUpdated": "2024-08-02T04:12:24.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38491 (GCVE-0-2024-38491)
Vulnerability from nvd – Published: 2024-07-15 13:50 – Updated: 2024-11-04 16:36
VLAI?
Title
Symantec Privileged Access Manager SQL Injection vulnerability
Summary
The vulnerability allows an unauthenticated attacker to read arbitrary information from the database.
Severity ?
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38491",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T19:27:00.311332Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-04T16:36:30.021Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T04:12:24.822Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows an unauthenticated attacker to read arbitrary information from the database.\u003c/span\u003e\n\n"
}
],
"value": "The vulnerability allows an unauthenticated attacker to read arbitrary information from the database."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T13:50:52.327Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager SQL Injection vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-38491",
"datePublished": "2024-07-15T13:50:52.327Z",
"dateReserved": "2024-06-18T06:18:01.975Z",
"dateUpdated": "2024-11-04T16:36:30.021Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36458 (GCVE-0-2024-36458)
Vulnerability from nvd – Published: 2024-07-15 13:43 – Updated: 2024-11-21 20:55
VLAI?
Title
Symantec Privileged Access Manager Privilege Escalation vulnerability
Summary
The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions.
Severity ?
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Broadcom | Symantec Privileged Access Management |
Affected:
4.1.0 - 4.1.7
Affected: 3.4.6 |
Credits
Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com
Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36458",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-15T20:14:24.657266Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T20:55:17.095Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:37:05.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Symantec Privileged Access Management",
"vendor": "Broadcom",
"versions": [
{
"status": "affected",
"version": "4.1.0 - 4.1.7"
},
{
"status": "affected",
"version": "3.4.6"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
},
{
"lang": "en",
"type": "finder",
"value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions.\u003c/span\u003e\n\n"
}
],
"value": "The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T13:43:53.687Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Symantec Privileged Access Manager Privilege Escalation vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2024-36458",
"datePublished": "2024-07-15T13:43:53.687Z",
"dateReserved": "2024-05-28T10:24:37.078Z",
"dateUpdated": "2024-11-21T20:55:17.095Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}