CVE-2024-10963

CVE Details

Visit the official vulnerability details page for CVE-2024-10963 to learn more.

Initial Publication

11/10/2024

Last Update

11/10/2024

Third Party Dependency

libpam-modules

NIST CVE Summary

A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.

CVE Severity

7.4

Our Official Summary

Investigation is ongoing to determine how this vulnerability impacts our products.

Status

Ongoing

Affected Products & Versions

Version	Palette Enterprise	Palette Enterprise Airgap	VerteX	VerteX Airgap
4.5.11	Impacted	Impacted	Impacted	Impacted
4.5.10	Impacted	Impacted	Impacted	Impacted
4.5.8	Impacted	Impacted	Impacted	Impacted
4.5.5	Impacted	Impacted	Impacted	Impacted
4.4.20	Impacted	Impacted	Impacted	Impacted

Revision History

Date	Revision
11/15/2024	Impacted versions changed from 4.5.8, 4.4.20, 4.5.10 to 4.5.8, 4.4.20, 4.5.10, 4.5.11
11/15/2024	Impacted versions changed from 4.5.8, 4.4.20 to 4.5.8, 4.4.20, 4.5.10
11/13/2024	Impacted versions changed from 4.5.8 to 4.5.8, 4.4.20

CVE Details​

Initial Publication​

Last Update​

Third Party Dependency​

NIST CVE Summary​

CVE Severity​

Our Official Summary​

Status​

Affected Products & Versions​

Revision History​