PT-2024-28035 · Pam · Pam

Paolo Cavaglià

Published

2024-07-15

Updated

2024-07-16

CVE-2024-38495

CVSS v4.0

5.3

Medium

Vector

AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions PAM (affected versions not specified)

Description A specific authentication strategy in PAM allows a malicious attacker to learn the ids of all PAM users defined in its database.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2024-38495

Pam