csaf_ncscnl - ncsc-2024-0316

NCSC-2024-0316

Vulnerability from csaf_ncscnl - Published: 2024-07-22 09:17 - Updated: 2024-07-22 09:17

Summary

Kwetsbaarheid verholpen in Broadcom Symantec Privileged Access Management

Notes

The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions: NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein. NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory. This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.

Feiten

Broadcom heeft kwetsbaarheden verholpen in Broadcom Symantec Privileged Access Management.

Interpretaties

Een kwaadwillende kan de kwetsbaarheden misbruiken om willekeurige code uit te voeren op het systeem of om de werking van het systeem te manipuleren. De kwetsbaarheden met kenmerken CVE-2024-36455, CVE-2024-36456 en CVE-2024-38492 stellen een ongeauthenticeerde kwaadwillende in staat om willekeurige code uit te voeren in de scope van een geauthenticeerd slachtoffer. Succesvol misbruik vereist wel dat de kwaadwillende toegang heeft tot de infrastructuur waar Broadcom Symantec Privileged Access Management op draait. Het is goed gebruik een dergelijke interface niet publiek toegankelijk te hebben.

Oplossingen

Broadcom heeft updates uitgebracht om de kwetsbaarheden in Broadcom Symantec Privileged Access Management te verhelpen. Zie bijgevoegde referenties voor meer informatie. Om de security advisory in te zien moet worden ingelogd met een Broadcom account.

Kans

medium

Schade

high

CWE-287

Improper Authentication

CWE-434

Unrestricted Upload of File with Dangerous Type

JSON

To clipboard

{
  "document": {
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE"
      }
    },
    "lang": "nl",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n    NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n    NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n    This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
      },
      {
        "category": "description",
        "text": "Broadcom heeft kwetsbaarheden verholpen in Broadcom Symantec Privileged Access Management.",
        "title": "Feiten"
      },
      {
        "category": "description",
        "text": "Een kwaadwillende kan de kwetsbaarheden misbruiken om willekeurige code uit te voeren op het systeem of om de werking van het systeem te manipuleren.\n\nDe kwetsbaarheden met kenmerken CVE-2024-36455, CVE-2024-36456 en CVE-2024-38492 stellen een ongeauthenticeerde kwaadwillende in staat om willekeurige code uit te voeren in de scope van een geauthenticeerd slachtoffer. Succesvol misbruik vereist wel dat de kwaadwillende toegang heeft tot de infrastructuur waar Broadcom Symantec Privileged Access Management op draait. Het is goed gebruik een dergelijke interface niet publiek toegankelijk te hebben.",
        "title": "Interpretaties"
      },
      {
        "category": "description",
        "text": "Broadcom heeft updates uitgebracht om de kwetsbaarheden in Broadcom Symantec Privileged Access Management te verhelpen. Zie bijgevoegde referenties voor meer informatie. Om de security advisory in te zien moet worden ingelogd met een Broadcom account.",
        "title": "Oplossingen"
      },
      {
        "category": "general",
        "text": "medium",
        "title": "Kans"
      },
      {
        "category": "general",
        "text": "high",
        "title": "Schade"
      },
      {
        "category": "general",
        "text": "Improper Authentication",
        "title": "CWE-287"
      },
      {
        "category": "general",
        "text": "Unrestricted Upload of File with Dangerous Type",
        "title": "CWE-434"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "contact_details": "cert@ncsc.nl",
      "name": "Nationaal Cyber Security Centrum",
      "namespace": "https://www.ncsc.nl/"
    },
    "references": [
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36455"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36456"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36457"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36458"
      },
      {
        "category": "external",
        "summary": "Source - nvd",
        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-38492"
      },
      {
        "category": "external",
        "summary": "Reference - cveprojectv5; nvd",
        "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
      }
    ],
    "title": " Kwetsbaarheid verholpen in Broadcom Symantec Privileged Access Management",
    "tracking": {
      "current_release_date": "2024-07-22T09:17:29.853486Z",
      "id": "NCSC-2024-0316",
      "initial_release_date": "2024-07-22T09:17:29.853486Z",
      "revision_history": [
        {
          "date": "2024-07-22T09:17:29.853486Z",
          "number": "0",
          "summary": "Initiele versie"
        }
      ],
      "status": "final",
      "version": "1.0.0"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502250",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502251",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502252",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502253",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502254",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502255",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502244",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502243",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.0_-_4.1.7:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502256",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.0:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502257",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.1:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502258",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.2:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502259",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.3:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502260",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.4:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502261",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.5:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502262",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.6:*:*:*:*:*:*:*"
              }
            }
          },
          {
            "category": "product_name",
            "name": "symantec_privileged_access_management",
            "product": {
              "name": "symantec_privileged_access_management",
              "product_id": "CSAFPID-1502263",
              "product_identification_helper": {
                "cpe": "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.7:*:*:*:*:*:*:*"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "broadcom"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-36458",
      "product_status": {
        "known_affected": [
          "CSAFPID-1502243",
          "CSAFPID-1502244"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36458",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36458.json"
        }
      ],
      "title": "CVE-2024-36458"
    },
    {
      "cve": "CVE-2024-36457",
      "cwe": {
        "id": "CWE-287",
        "name": "Improper Authentication"
      },
      "notes": [
        {
          "category": "other",
          "text": "Improper Authentication",
          "title": "CWE-287"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1502243",
          "CSAFPID-1502244"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36457",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36457.json"
        }
      ],
      "title": "CVE-2024-36457"
    },
    {
      "cve": "CVE-2024-38492",
      "product_status": {
        "known_affected": [
          "CSAFPID-1502243",
          "CSAFPID-1502244"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-38492",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38492.json"
        }
      ],
      "title": "CVE-2024-38492"
    },
    {
      "cve": "CVE-2024-36456",
      "cwe": {
        "id": "CWE-434",
        "name": "Unrestricted Upload of File with Dangerous Type"
      },
      "notes": [
        {
          "category": "other",
          "text": "Unrestricted Upload of File with Dangerous Type",
          "title": "CWE-434"
        }
      ],
      "product_status": {
        "known_affected": [
          "CSAFPID-1502243",
          "CSAFPID-1502244"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36456",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36456.json"
        }
      ],
      "title": "CVE-2024-36456"
    },
    {
      "cve": "CVE-2024-36455",
      "product_status": {
        "known_affected": [
          "CSAFPID-1502243",
          "CSAFPID-1502244"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-36455",
          "url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36455.json"
        }
      ],
      "title": "CVE-2024-36455"
    }
  ]
}

CVE-2024-36455 (GCVE-0-2024-36455)

Vulnerability from cvelistv5 – Published: 2024-07-15 13:19 – Updated: 2024-08-02 03:37

Summary

An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.

Severity ?

9.4 (Critical)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CWE

CWE-665 - Improper Initialization

Assigner

symantec

References

URL

Tags

https://support.broadcom.com/web/ecx/support-cont…

Impacted products

	Vendor	Product	Version
	Broadcom	Symantec Privileged Access Management	Affected: 4.1.0 - 4.1.7 Affected: 3.4.6

Credits

Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "symantec_privileged_access_management",
            "vendor": "broadcom",
            "versions": [
              {
                "lessThanOrEqual": "4.1.7",
                "status": "affected",
                "version": "4.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "symantec_privileged_access_management",
            "vendor": "broadcom",
            "versions": [
              {
                "status": "affected",
                "version": "3.4.6.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36455",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-15T14:46:20.266758Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-665",
                "description": "CWE-665 Improper Initialization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-15T14:48:53.051Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:37:05.159Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Symantec Privileged Access Management",
          "vendor": "Broadcom",
          "versions": [
            {
              "status": "affected",
              "version": "4.1.0 - 4.1.7"
            },
            {
              "status": "affected",
              "version": "3.4.6"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAn improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request.\u003c/span\u003e\n\n"
            }
          ],
          "value": "An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 9.4,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T13:19:41.914Z",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2024-36455",
    "datePublished": "2024-07-15T13:19:41.914Z",
    "dateReserved": "2024-05-28T10:24:37.077Z",
    "dateUpdated": "2024-08-02T03:37:05.159Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-36456 (GCVE-0-2024-36456)

Vulnerability from cvelistv5 – Published: 2024-07-15 13:31 – Updated: 2024-08-02 03:37

Summary

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.

Severity ?

9.4 (Critical)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CWE

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Assigner

symantec

References

URL

Tags

https://support.broadcom.com/web/ecx/support-cont…

Impacted products

	Vendor	Product	Version
	Broadcom	Symantec Privileged Access Management	Affected: 4.1.0 - 4.1.7 Affected: 3.4.6

Credits

Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "symantec_privileged_access_management",
            "vendor": "broadcom",
            "versions": [
              {
                "status": "affected",
                "version": "3.4.6.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:broadcom:symantec_privileged_access_management:4.1.0.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "symantec_privileged_access_management",
            "vendor": "broadcom",
            "versions": [
              {
                "lessThanOrEqual": "4.1.7",
                "status": "affected",
                "version": "4.1.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36456",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-15T13:44:10.749312Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-94",
                "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-15T13:48:06.113Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:37:05.337Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Symantec Privileged Access Management",
          "vendor": "Broadcom",
          "versions": [
            {
              "status": "affected",
              "version": "4.1.0 - 4.1.7"
            },
            {
              "status": "affected",
              "version": "3.4.6"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.\u003c/span\u003e\n\n"
            }
          ],
          "value": "This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 9.4,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T13:31:44.145Z",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2024-36456",
    "datePublished": "2024-07-15T13:31:44.145Z",
    "dateReserved": "2024-05-28T10:24:37.077Z",
    "dateUpdated": "2024-08-02T03:37:05.337Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-36457 (GCVE-0-2024-36457)

Vulnerability from cvelistv5 – Published: 2024-07-15 13:39 – Updated: 2024-11-12 18:12

Summary

The vulnerability allows an attacker to bypass the authentication requirements for a specific PAM endpoint.

Severity ?

5.3 (Medium)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

CWE

CWE-306 - Missing Authentication for Critical Function

Assigner

symantec

References

URL

Tags

https://support.broadcom.com/web/ecx/support-cont…

Impacted products

	Vendor	Product	Version
	Broadcom	Symantec Privileged Access Management	Affected: 4.1.0 - 4.1.7 Affected: 3.4.6

Credits

Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36457",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-15T18:11:12.488440Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-306",
                "description": "CWE-306 Missing Authentication for Critical Function",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T18:12:40.781Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:37:05.380Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Symantec Privileged Access Management",
          "vendor": "Broadcom",
          "versions": [
            {
              "status": "affected",
              "version": "4.1.0 - 4.1.7"
            },
            {
              "status": "affected",
              "version": "3.4.6"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows an attacker to bypass the authentication requirements for a specific PAM endpoint.\u003c/span\u003e\n\n"
            }
          ],
          "value": "The vulnerability allows an attacker to bypass the authentication requirements for a specific PAM endpoint."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-115",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-115 Authentication Bypass"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T13:39:19.248Z",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Symantec Privileged Access Manager Authentication Bypass vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2024-36457",
    "datePublished": "2024-07-15T13:39:19.248Z",
    "dateReserved": "2024-05-28T10:24:37.077Z",
    "dateUpdated": "2024-11-12T18:12:40.781Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-38492 (GCVE-0-2024-38492)

Vulnerability from cvelistv5 – Published: 2024-07-15 13:54 – Updated: 2024-08-02 04:12

Summary

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.

Severity ?

9.4 (Critical)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

CWE

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Assigner

symantec

References

URL

Tags

https://support.broadcom.com/web/ecx/support-cont…

Impacted products

	Vendor	Product	Version
	Broadcom	Symantec Privileged Access Management	Affected: 4.1.0 - 4.1.7 Affected: 3.4.6

Credits

Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:broadcom:symantec_privileged_access_management:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "symantec_privileged_access_management",
            "vendor": "broadcom",
            "versions": [
              {
                "lessThanOrEqual": "4.1.7",
                "status": "affected",
                "version": "4.1.0",
                "versionType": "custom"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:a:broadcom:symantec_privileged_access_management:3.4.6.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "symantec_privileged_access_management",
            "vendor": "broadcom",
            "versions": [
              {
                "status": "affected",
                "version": "3.4.6.0"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-38492",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-15T15:07:11.231782Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-77",
                "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-16T13:18:28.244Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T04:12:24.735Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Symantec Privileged Access Management",
          "vendor": "Broadcom",
          "versions": [
            {
              "status": "affected",
              "version": "4.1.0 - 4.1.7"
            },
            {
              "status": "affected",
              "version": "3.4.6"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file.\u003c/span\u003e\n\n"
            }
          ],
          "value": "This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-88",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-88 OS Command Injection"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 9.4,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T13:54:38.819Z",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Symantec Privileged Access Manager Remote Command Execution vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2024-38492",
    "datePublished": "2024-07-15T13:54:38.819Z",
    "dateReserved": "2024-06-18T06:18:01.975Z",
    "dateUpdated": "2024-08-02T04:12:24.735Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-36458 (GCVE-0-2024-36458)

Vulnerability from cvelistv5 – Published: 2024-07-15 13:43 – Updated: 2024-11-21 20:55

Summary

The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions.

Severity ?

5.1 (Medium)


                        
                          CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

CWE

CWE-918 - Server-Side Request Forgery (SSRF)

Assigner

symantec

References

URL

Tags

https://support.broadcom.com/web/ecx/support-cont…

Impacted products

	Vendor	Product	Version
	Broadcom	Symantec Privileged Access Management	Affected: 4.1.0 - 4.1.7 Affected: 3.4.6

Credits

Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com Paolo Cavaglià of Shielder (https://www.shielder.com) - research@shielder.com

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-36458",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-15T20:14:24.657266Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-918",
                "description": "CWE-918 Server-Side Request Forgery (SSRF)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T20:55:17.095Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T03:37:05.159Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Symantec Privileged Access Management",
          "vendor": "Broadcom",
          "versions": [
            {
              "status": "affected",
              "version": "4.1.0 - 4.1.7"
            },
            {
              "status": "affected",
              "version": "3.4.6"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Abdel Adim `smaury` Oisfi of Shielder (https://www.shielder.com) - research@shielder.com"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Paolo Cavagli\u00e0 of Shielder (https://www.shielder.com) - research@shielder.com"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions.\u003c/span\u003e\n\n"
            }
          ],
          "value": "The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-233",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-233 Privilege Escalation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "ADJACENT",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-15T13:43:53.687Z",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24678"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Symantec Privileged Access Manager Privilege Escalation vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2024-36458",
    "datePublished": "2024-07-15T13:43:53.687Z",
    "dateReserved": "2024-05-28T10:24:37.078Z",
    "dateUpdated": "2024-11-21T20:55:17.095Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

NCSC-2024-0316

CVE-2024-36455 (GCVE-0-2024-36455)

CVE-2024-36456 (GCVE-0-2024-36456)

CVE-2024-36457 (GCVE-0-2024-36457)

CVE-2024-38492 (GCVE-0-2024-38492)

CVE-2024-36458 (GCVE-0-2024-36458)

Tags

Sightings

Nomenclature