Metrics
Affected Vendors & Products
Wed, 18 Dec 2024 02:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9 |
Wed, 18 Dec 2024 09:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos |
|
References |
|
Wed, 27 Nov 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:enterprise_linux:8 |
Tue, 26 Nov 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/o:redhat:enterprise_linux:8::baseos | |
References |
|
Mon, 25 Nov 2024 00:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/o:redhat:rhel_eus:9.4::baseos |
|
References |
|
Fri, 22 Nov 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Redhat rhel Eus
|
|
CPEs | cpe:/a:redhat:rhel_eus:9.4 | |
Vendors & Products |
Redhat rhel Eus
|
Mon, 04 Nov 2024 22:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux-pam
Linux-pam linux-pam |
|
Weaknesses | NVD-CWE-noinfo | |
CPEs | cpe:2.3:a:linux-pam:linux-pam:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* |
|
Vendors & Products |
Linux-pam
Linux-pam linux-pam |
Mon, 04 Nov 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-922 |
Thu, 24 Oct 2024 01:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
threat_severity
|
threat_severity
|
Wed, 23 Oct 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 23 Oct 2024 14:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications. | |
Title | Pam: libpam: libpam vulnerable to read hashed password | |
First Time appeared |
Redhat
Redhat enterprise Linux |
|
CPEs | cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux |
|
References |
| |
Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: redhat
Published: 2024-10-23T13:46:27.963Z
Updated: 2024-12-18T09:14:59.247Z
Reserved: 2024-10-16T16:13:54.632Z
Link: CVE-2024-10041
Updated: 2024-10-23T14:35:20.386Z
Status : Modified
Published: 2024-10-23T14:15:03.970
Modified: 2024-12-18T10:15:05.850
Link: CVE-2024-10041