CVE-2024-10963

CVSS 3.1 Score 7.4 of 10 (high)

Details

Published Nov 7, 2024
Updated: Nov 11, 2024
CWE ID 287

Summary

CVE-2024-10963 is a newly discovered vulnerability affecting the pam_access module. This flaw permits attackers to bypass access controls by posing as trusted hostnames. Certain configuration rules in pam_access are mistakenly interpreted as hostnames, allowing unauthorized access to services or terminals. Systems that utilize this feature for access control are at risk of being compromised by this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share