BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the secret.
History

Wed, 18 Sep 2024 15:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-10-12T00:00:00

Updated: 2024-09-18T14:30:44.768Z

Reserved: 2023-01-16T00:00:00

Link: CVE-2023-23632

cve-icon Vulnrichment

Updated: 2024-08-02T10:35:33.641Z

cve-icon NVD

Status : Modified

Published: 2023-10-12T20:15:12.187

Modified: 2024-11-21T07:46:34.583

Link: CVE-2023-23632

cve-icon Redhat

No data.