PT-2024-4057 · Tripwire · Tripwire Enterprise
Published 2024-06-03 · Updated 2025-08-29 · CVE-2024-4332
CVSS v4.0: 10 (Critical)
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/S:N/AU:Y/R:U/V:C/RE:L/U:Red |
Name of the Vulnerable Software and Affected Versions:
Tripwire Enterprise version 9.1.0
Description:
An authentication bypass has been identified in the REST and SOAP API components of Tripwire Enterprise. It is reachable only when Tripwire Enterprise is configured to use LDAP/Active Directory SAML authentication and its optional "Auto-synchronize LDAP Users, Roles, and Groups" feature is enabled. Under that configuration, an unauthenticated attacker who knows a valid username can bypass authentication to the APIs; the attacker then holds the privileges of the impersonated account, which can result in unauthorized disclosure or modification of the data the REST and SOAP APIs expose.
Recommendations:
For Tripwire Enterprise version 9.1.0, disable the "Auto-synchronize LDAP Users, Roles, and Groups" feature until a fixed version is available; this removes the precondition for the bypass, with the expected consequence that LDAP-sourced users, roles and groups are no longer synchronized automatically while it is off. In addition, restrict network access to the REST and SOAP API components to the hosts that legitimately need them (for example, an allow-list on a firewall or reverse proxy in front of the console), so that an attacker who knows a valid username cannot reach the APIs in the first place. At the time of writing, there is no information about a newer version that contains a fix for this vulnerability.
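After applying the workarounds above, a practitioner will want to confirm that the REST API still refuses requests that carry no credentials at all. The following script is an added example for this advisory, not Tripwire's code or a reproduction of the bypass: it sends plain anonymous GETs and reports any endpoint that answers with something other than 401 or 403. The endpoint paths (/api/v1/nodes, /api/v1/users) and the example host names are assumptions and should be checked against your own Tripwire Enterprise API documentation; the sample responses are constructed so the check can be exercised offline.

```python
"""Post-hardening check for CVE-2024-4332: confirm that the Tripwire Enterprise
REST API rejects anonymous requests.

Added example for this advisory, not Tripwire's code. Assumptions, not taken
from the advisory: the endpoint paths in DEFAULT_PATHS and the host names used
in the constructed sample below. The probe sends only an anonymous GET; it does
not attempt the bypass itself.
"""
import ssl
import sys
import urllib.error
import urllib.request
from dataclasses import dataclass
from typing import Callable, Iterable, List, Optional

# Assumed authenticated REST endpoints; verify against your TE API documentation.
DEFAULT_PATHS = ("/api/v1/nodes", "/api/v1/users")

# Status codes that prove the server refused an anonymous request outright.
REJECTING_STATUSES = {401, 403}


@dataclass
class ProbeResult:
    path: str
    status: int

    @property
    def rejected(self) -> bool:
        return self.status in REJECTING_STATUSES


def http_status(url: str, timeout: float = 10.0,
                context: Optional[ssl.SSLContext] = None) -> int:
    """Return the HTTP status of an anonymous GET: no cookies, no Authorization header."""
    req = urllib.request.Request(url, headers={"Accept": "application/json"})
    try:
        with urllib.request.urlopen(req, timeout=timeout, context=context) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        # urllib raises on 4xx/5xx; the status code is exactly what we want to record.
        return err.code


def probe_unauthenticated(base_url: str,
                          paths: Iterable[str] = DEFAULT_PATHS,
                          fetch: Callable[[str], int] = http_status) -> List[ProbeResult]:
    """Request each path anonymously and record the status the server returned."""
    base = base_url.rstrip("/")
    return [ProbeResult(p, fetch(base + p)) for p in paths]


def needs_review(results: Iterable[ProbeResult]) -> List[str]:
    """Paths that answered an anonymous request with something other than 401/403.

    A 200 here does not by itself prove the bypass; it proves the endpoint served
    an unauthenticated caller, which for these endpoints should never happen.
    """
    return [r.path for r in results if not r.rejected]


def all_rejected(results: Iterable[ProbeResult]) -> bool:
    return not needs_review(list(results))


# Constructed sample responses (not captured from a real system) so the check
# can be exercised offline: one host enforces authentication, one does not.
SAMPLE_RESPONSES = {
    "https://te-hardened.example.com/api/v1/nodes": 401,
    "https://te-hardened.example.com/api/v1/users": 403,
    "https://te-exposed.example.com/api/v1/nodes": 200,
    "https://te-exposed.example.com/api/v1/users": 401,
}


def sample_fetch(url: str) -> int:
    return SAMPLE_RESPONSES.get(url, 404)


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else None
    if target:
        results = probe_unauthenticated(target)  # live probe against a real console
    else:
        results = probe_unauthenticated("https://te-exposed.example.com", fetch=sample_fetch)
    for r in results:
        verdict = "rejected" if r.rejected else "NEEDS REVIEW"
        print(f"{r.path}: HTTP {r.status} -> {verdict}")
    sys.exit(0 if all_rejected(results) else 1)
```

Run it as `python3 te_anon_check.py https://te.example.com` from a host that is on the API allow-list (so the probe reaches the console) and from one that is not (so it should fail to connect at all). Two caveats: urllib follows redirects, so a console that redirects anonymous callers to an HTML login page will surface as a 200 and be flagged for review rather than counted as rejected; and a private CA should be supplied through the `context` parameter of `http_status` rather than by disabling certificate verification.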
Missing Authentication
Affected Products
Tripwire Enterprise