CVE-2024-22245

Name of the Vulnerable Software and Affected Versions VMware Enhanced Authentication Plug-in (EAP) (affected versions not specified)

Description The issue is related to arbitrary authentication relay and session hijack vulnerabilities in the deprecated VMware Enhanced Authentication Plug-in (EAP). This could allow a malicious actor to trick a target domain user with EAP installed in their web browser into requesting and relaying service tickets for arbitrary Active Directory Service Principal Names (SPNs). The estimated number of potentially affected devices worldwide is over 312,700 services.

Recommendations Uninstall the deprecated Enhanced Authentication Plugin (EAP) from affected systems. As a temporary workaround, consider restricting access to the EAP plugin until it is uninstalled. Avoid using the EAP plugin for authentication until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.