CVE-2024-10963
CVE Details
Visit the official vulnerability details page for CVE-2024-10963 to learn more.
Initial Publication
11/08/2024
Last Update
12/16/2024
Third Party Dependency
libpam-modules
NIST CVE Summary
A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
CVE Severity
Our Official Summary
This vulnerability in pam_access allows hostname spoofing to bypass restrictions intended for specific local TTYs or services. This enables attackers, with minimal effort, to exploit gaps in security policies that rely on access.conf configurations.
This is reported on a few of the third-party images, which do not use pam_access, so the risk of exploitation is low. The impact of an exploit is also low, since these containers present a minimal attack surface.
Status
Ongoing
Affected Products & Versions
Version | Palette Enterprise | Palette Enterprise Airgap | VerteX | VerteX Airgap |
---|---|---|---|---|
4.5.15 | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
4.5.11 | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
4.5.10 | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
4.5.8 | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
4.5.5 | ⚠️ Impacted | ✅ No Impact | ⚠️ Impacted | ✅ No Impact |
4.4.20 | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted | ⚠️ Impacted |
Revision History
Date | Revision |
---|---|
12/16/2024 | Impacted versions changed from 4.5.5, 4.5.8, 4.4.20, 4.5.10, 4.5.11 to 4.5.5, 4.5.8, 4.4.20, 4.5.10, 4.5.11, 4.5.15 |
12/11/2024 | Official summary revised: This vulnerability in pam_access allows hostname spoofing to bypass restrictions intended for specific local TTYs or services. This enables attackers with minimal effort to exploit gaps in security policies that rely on access.conf configurations. This is reported on a few of the third party images which do not use pam_access. So risk of exploitation is low. Impact of exploit is also low, since these containers present a minimal attack surface. |
11/19/2024 | Status changed from Open to Ongoing |
11/19/2024 | Official summary revised: This vulnerability in pam_access allows hostname spoofing to bypass restrictions intended for specific local TTYs or services. This enables attackers with minimal effort to exploit gaps in security policies that rely on access.conf configurations. This is reported on a few of the third party images which do not on pam_access. So risk of exploitation is low. Impact of exploit is also low, since these containers present a minimal attack surface. |
11/15/2024 | Impacted versions changed from 4.5.5, 4.5.8, 4.4.20, 4.5.10 to 4.5.5, 4.5.8, 4.4.20, 4.5.10, 4.5.11 |
11/15/2024 | Impacted versions changed from 4.5.5, 4.5.8, 4.4.20 to 4.5.5, 4.5.8, 4.4.20, 4.5.10 |
11/13/2024 | Impacted versions changed from 4.5.5, 4.5.8 to 4.5.5, 4.5.8, 4.4.20 |
11/10/2024 | Advisory assigned with HIGH severity |
11/10/2024 | Impacted versions changed from 4.5.5 to 4.5.5, 4.5.8 |