A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
History

Wed, 04 Dec 2024 14:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift:4.16::el9

Wed, 04 Dec 2024 02:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:openshift:4.17::el9

Tue, 26 Nov 2024 06:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat rhel Eus
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/a:redhat:rhel_eus:9.4
Vendors & Products Redhat rhel Eus

Mon, 11 Nov 2024 18:00:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in pam_access due to the improper handling of tokens in access.conf, interpreted as hostnames. This flaw allows attackers to bypass access restrictions by spoofing hostnames, undermining configurations designed to limit access to specific TTYs or services. The flaw poses a risk in environments relying on these configurations for local access control. A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.

Fri, 08 Nov 2024 14:45:00 +0000

Type Values Removed Values Added
Metrics threat_severity

Moderate

threat_severity

Important


Fri, 08 Nov 2024 06:45:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N'}

cvssV3_1

{'score': 7.4, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N'}


Thu, 07 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 07 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE. A vulnerability was found in pam_access due to the improper handling of tokens in access.conf, interpreted as hostnames. This flaw allows attackers to bypass access restrictions by spoofing hostnames, undermining configurations designed to limit access to specific TTYs or services. The flaw poses a risk in environments relying on these configurations for local access control.
Title pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass Pam: improper hostname interpretation in pam_access leads to access control bypass
First Time appeared Redhat
Redhat enterprise Linux
Redhat openshift
CPEs cpe:/a:redhat:openshift:4
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
Redhat openshift
References

Thu, 07 Nov 2024 13:30:00 +0000

Type Values Removed Values Added
Description No description is available for this CVE.
Title pam: Improper Hostname Interpretation in pam_access Leads to Access Control Bypass
Weaknesses CWE-287
References
Metrics threat_severity

None

cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N'}

threat_severity

Moderate


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-11-07T16:02:34.873Z

Updated: 2024-11-11T23:37:25.182Z

Reserved: 2024-11-07T07:29:13.250Z

Link: CVE-2024-10963

cve-icon Vulnrichment

Updated: 2024-11-07T18:27:37.229Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-11-07T16:15:17.150

Modified: 2024-11-11T18:15:14.487

Link: CVE-2024-10963

cve-icon Redhat

Severity : Important

Publid Date: 2024-11-07T00:00:00Z

Links: CVE-2024-10963 - Bugzilla