BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the secret.
Metrics
Affected Vendors & Products
References
History
Wed, 18 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-10-12T00:00:00
Updated: 2024-09-18T14:30:44.768Z
Reserved: 2023-01-16T00:00:00
Link: CVE-2023-23632
Vulnrichment
Updated: 2024-08-02T10:35:33.641Z
NVD
Status : Modified
Published: 2023-10-12T20:15:12.187
Modified: 2024-11-21T07:46:34.583
Link: CVE-2023-23632
Redhat
No data.