CVE-2024-47616
CVSS 3.1 Score 6.8 of 10 (medium)
Details
Summary
CVE-2024-47616 is a vulnerability in the Pomerium identity and context-aware access proxy, specifically in its databroker service. The flaw stems from incomplete validation of JSON Web Tokens (JWT), which may allow unauthorized access to the databroker API and, in turn, exfiltration of user information, session spoofing, or tampering with configuration. Organizations running Pomerium Zero or Pomerium Enterprise with service account access tokens that have future expiration dates are at risk if the core databroker gRPC API is not protected by network controls. To remediate, users should update to the latest version of Pomerium, as described in the release notes. The exploitability subscore is 1.6; the overall severity is rated medium, with high impact on confidentiality and integrity.