CVE-2024-10963
CVSS 3.1 Score 7.4 of 10 (high)
Details
Published Nov 7, 2024
Updated: Nov 11, 2024
CWE ID 287
Summary
CVE-2024-10963 is a newly discovered vulnerability affecting the pam_access module. This flaw permits attackers to bypass access controls by posing as trusted hostnames. Certain configuration rules in pam_access are mistakenly interpreted as hostnames, allowing unauthorized access to services or terminals. Systems that utilize this feature for access control are at risk of being compromised by this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share