CVE-2024-5322

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Jul 1, 2024

Updated: Jul 2, 2024

CWE ID 288

Summary

CVE-2024-5322 is a new vulnerability affecting the N-central server's Entra Single Sign-On (SSO) feature. This issue allows for session rebinding of already authenticated users, potentially leading to authentication bypass. The vulnerability is present in all N-central deployments supporting Entra SSO prior to the 2024.3 release. Malicious actors could exploit this flaw to gain unauthorized access to user accounts and sensitive data. Users are urged to update their N-central servers to the latest version to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Solarwinds N-Central

Affected Vendors

N-able Technologies International

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/wwthjb
https://www.cve.org/CVERecord?id=CVE-2024-5322
https://nvd.nist.gov/vuln/detail/CVE-2024-5322

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

GrayAlpha Uses Diverse Infection Vectors to Deploy PowerNet Loader and NetSupport RAT

Know What Matters

For Customers

For Partners