CVE-2024-28058
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2024-28058 is a vulnerability affecting RSA NetWitness Platform versions prior to 12.5.1. This issue allows an internal threat actor to bypass user access revocations and gain unauthorized access to sensitive data, even after the targeted user's session has been terminated. Despite an administrator's attempts to restrict access, the impersonated user can continue to access and potentially manipulate sensitive information. This security lapse poses a significant risk to organizations using the RSA NetWitness Platform, emphasizing the importance of updating to the latest version to mitigate this threat.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Products
- NetWitness
Affected Vendors
- NetWitness Corp